<?xml version="1.0" encoding="ascii"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
          "DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <title>esapi.reference.shelve_authenticator</title>
  <link rel="stylesheet" href="epydoc.css" type="text/css" />
  <script type="text/javascript" src="epydoc.js"></script>
</head>

<body bgcolor="white" text="black" link="blue" vlink="#204080"
      alink="#204080">
<!-- ==================== NAVIGATION BAR ==================== -->
<table class="navbar" border="0" width="100%" cellpadding="0"
       bgcolor="#a0c0ff" cellspacing="0">
  <tr valign="middle">
  <!-- Home link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="esapi-module.html">Home</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Tree link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Index link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Help link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>

      <th class="navbar" width="100%"></th>
  </tr>
</table>
<table width="100%" cellpadding="0" cellspacing="0">
  <tr valign="top">
    <td width="100%">
      <span class="breadcrumbs">
        <a href="esapi-module.html">Package&nbsp;esapi</a> ::
        <a href="esapi.reference-module.html">Package&nbsp;reference</a> ::
        Module&nbsp;shelve_authenticator
      </span>
    </td>
    <td>
      <table cellpadding="0" cellspacing="0">
        <!-- hide/show private -->
        <tr><td align="right"><span class="options">[<a href="javascript:void(0);" class="privatelink"
    onclick="toggle_private();">hide&nbsp;private</a>]</span></td></tr>
        <tr><td align="right"><span class="options"
            >[<a href="frames.html" target="_top">frames</a
            >]&nbsp;|&nbsp;<a href="esapi.reference.shelve_authenticator-pysrc.html"
            target="_top">no&nbsp;frames</a>]</span></td></tr>
      </table>
    </td>
  </tr>
</table>
<h1 class="epydoc">Source Code for <a href="esapi.reference.shelve_authenticator-module.html">Module esapi.reference.shelve_authenticator</a></h1>
<pre class="py-src">
<a name="L1"></a><tt class="py-lineno">  1</tt>  <tt class="py-line"><tt class="py-comment">#!/usr/bin/python</tt> </tt>
<a name="L2"></a><tt class="py-lineno">  2</tt>  <tt class="py-line"><tt class="py-comment"># -*- coding: utf-8 -*-</tt> </tt>
<a name="L3"></a><tt class="py-lineno">  3</tt>  <tt class="py-line"> </tt>
<a name="L4"></a><tt class="py-lineno">  4</tt>  <tt class="py-line"><tt class="py-docstring">"""</tt> </tt>
<a name="L5"></a><tt class="py-lineno">  5</tt>  <tt class="py-line"><tt class="py-docstring">@license: OWASP Enterprise Security API (ESAPI)</tt> </tt>
<a name="L6"></a><tt class="py-lineno">  6</tt>  <tt class="py-line"><tt class="py-docstring">     </tt> </tt>
<a name="L7"></a><tt class="py-lineno">  7</tt>  <tt class="py-line"><tt class="py-docstring">    This file is part of the Open Web Application Security Project (OWASP)</tt> </tt>
<a name="L8"></a><tt class="py-lineno">  8</tt>  <tt class="py-line"><tt class="py-docstring">    Enterprise Security API (ESAPI) project. For details, please see</tt> </tt>
<a name="L9"></a><tt class="py-lineno">  9</tt>  <tt class="py-line"><tt class="py-docstring">    U{http://www.owasp.org/index.php/ESAPI&lt;http://www.owasp.org/index.php/ESAPI&gt;}.</tt> </tt>
<a name="L10"></a><tt class="py-lineno"> 10</tt>  <tt class="py-line"><tt class="py-docstring"></tt> </tt>
<a name="L11"></a><tt class="py-lineno"> 11</tt>  <tt class="py-line"><tt class="py-docstring">    The ESAPI is published by OWASP under the BSD license. You should read and </tt> </tt>
<a name="L12"></a><tt class="py-lineno"> 12</tt>  <tt class="py-line"><tt class="py-docstring">    accept the LICENSE before you use, modify, and/or redistribute this software.</tt> </tt>
<a name="L13"></a><tt class="py-lineno"> 13</tt>  <tt class="py-line"><tt class="py-docstring">    </tt> </tt>
<a name="L14"></a><tt class="py-lineno"> 14</tt>  <tt class="py-line"><tt class="py-docstring">@summary: A reference implementation</tt> </tt>
<a name="L15"></a><tt class="py-lineno"> 15</tt>  <tt class="py-line"><tt class="py-docstring">@copyright: Copyright (c) 2009 - The OWASP Foundation</tt> </tt>
<a name="L16"></a><tt class="py-lineno"> 16</tt>  <tt class="py-line"><tt class="py-docstring">@author: Craig Younkins (craig.younkins@owasp.org)</tt> </tt>
<a name="L17"></a><tt class="py-lineno"> 17</tt>  <tt class="py-line"><tt class="py-docstring">"""</tt> </tt>
<a name="L18"></a><tt class="py-lineno"> 18</tt>  <tt class="py-line"> </tt>
<a name="L19"></a><tt class="py-lineno"> 19</tt>  <tt class="py-line"><tt class="py-comment"># Todo</tt> </tt>
<a name="L20"></a><tt class="py-lineno"> 20</tt>  <tt class="py-line"><tt class="py-comment"># Fix get_user_from_remember_token after seal/unseal written</tt> </tt>
<a name="L21"></a><tt class="py-lineno"> 21</tt>  <tt class="py-line"> </tt>
<a name="L22"></a><tt class="py-lineno"> 22</tt>  <tt class="py-line"><tt class="py-keyword">import</tt> <tt class="py-name">shelve</tt> </tt>
<a name="L23"></a><tt class="py-lineno"> 23</tt>  <tt class="py-line"><tt class="py-keyword">from</tt> <tt class="py-name">datetime</tt> <tt class="py-keyword">import</tt> <tt class="py-name">datetime</tt> </tt>
<a name="L24"></a><tt class="py-lineno"> 24</tt>  <tt class="py-line"> </tt>
<a name="L25"></a><tt class="py-lineno"> 25</tt>  <tt class="py-line"><tt class="py-keyword">from</tt> <tt id="link-0" class="py-name" targets="Package esapi=esapi-module.html"><a title="esapi" class="py-name" href="#" onclick="return doclink('link-0', 'esapi', 'link-0');">esapi</a></tt><tt class="py-op">.</tt><tt id="link-1" class="py-name" targets="Module esapi.core=esapi.core-module.html"><a title="esapi.core" class="py-name" href="#" onclick="return doclink('link-1', 'core', 'link-1');">core</a></tt> <tt class="py-keyword">import</tt> <tt id="link-2" class="py-name" targets="Class esapi.core.ESAPI=esapi.core.ESAPI-class.html"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-2', 'ESAPI', 'link-2');">ESAPI</a></tt> </tt>
<a name="L26"></a><tt class="py-lineno"> 26</tt>  <tt class="py-line"><tt class="py-keyword">from</tt> <tt id="link-3" class="py-name"><a title="esapi" class="py-name" href="#" onclick="return doclink('link-3', 'esapi', 'link-0');">esapi</a></tt><tt class="py-op">.</tt><tt id="link-4" class="py-name" targets="Module esapi.translation=esapi.translation-module.html"><a title="esapi.translation" class="py-name" href="#" onclick="return doclink('link-4', 'translation', 'link-4');">translation</a></tt> <tt class="py-keyword">import</tt> <tt class="py-name">_</tt> </tt>
<a name="L27"></a><tt class="py-lineno"> 27</tt>  <tt class="py-line"><tt class="py-keyword">from</tt> <tt id="link-5" class="py-name"><a title="esapi" class="py-name" href="#" onclick="return doclink('link-5', 'esapi', 'link-0');">esapi</a></tt><tt class="py-op">.</tt><tt id="link-6" class="py-name" targets="Class Method esapi.core.ESAPI.logger()=esapi.core.ESAPI-class.html#logger,Module esapi.logger=esapi.logger-module.html"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-6', 'logger', 'link-6');">logger</a></tt> <tt class="py-keyword">import</tt> <tt id="link-7" class="py-name" targets="Class esapi.logger.Logger=esapi.logger.Logger-class.html"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-7', 'Logger', 'link-7');">Logger</a></tt> </tt>
<a name="L28"></a><tt class="py-lineno"> 28</tt>  <tt class="py-line"><tt class="py-keyword">from</tt> <tt id="link-8" class="py-name" targets="Module esapi.reference.user_credentials=esapi.reference.user_credentials-module.html"><a title="esapi.reference.user_credentials" class="py-name" href="#" onclick="return doclink('link-8', 'user_credentials', 'link-8');">user_credentials</a></tt> <tt class="py-keyword">import</tt> <tt id="link-9" class="py-name" targets="Class esapi.reference.user_credentials.UserCredentials=esapi.reference.user_credentials.UserCredentials-class.html"><a title="esapi.reference.user_credentials.UserCredentials" class="py-name" href="#" onclick="return doclink('link-9', 'UserCredentials', 'link-9');">UserCredentials</a></tt> </tt>
<a name="L29"></a><tt class="py-lineno"> 29</tt>  <tt class="py-line"><tt class="py-keyword">from</tt> <tt id="link-10" class="py-name"><a title="esapi" class="py-name" href="#" onclick="return doclink('link-10', 'esapi', 'link-0');">esapi</a></tt><tt class="py-op">.</tt><tt id="link-11" class="py-name" targets="Module esapi.authenticator=esapi.authenticator-module.html,Class Method esapi.core.ESAPI.authenticator()=esapi.core.ESAPI-class.html#authenticator"><a title="esapi.authenticator
esapi.core.ESAPI.authenticator" class="py-name" href="#" onclick="return doclink('link-11', 'authenticator', 'link-11');">authenticator</a></tt> <tt class="py-keyword">import</tt> <tt id="link-12" class="py-name" targets="Class esapi.authenticator.Authenticator=esapi.authenticator.Authenticator-class.html"><a title="esapi.authenticator.Authenticator" class="py-name" href="#" onclick="return doclink('link-12', 'Authenticator', 'link-12');">Authenticator</a></tt> </tt>
<a name="L30"></a><tt class="py-lineno"> 30</tt>  <tt class="py-line"><tt class="py-keyword">from</tt> <tt id="link-13" class="py-name"><a title="esapi" class="py-name" href="#" onclick="return doclink('link-13', 'esapi', 'link-0');">esapi</a></tt><tt class="py-op">.</tt><tt id="link-14" class="py-name" targets="Class Method esapi.core.ESAPI.encoder()=esapi.core.ESAPI-class.html#encoder,Module esapi.encoder=esapi.encoder-module.html"><a title="esapi.core.ESAPI.encoder
esapi.encoder" class="py-name" href="#" onclick="return doclink('link-14', 'encoder', 'link-14');">encoder</a></tt> <tt class="py-keyword">import</tt> <tt id="link-15" class="py-name" targets="Class esapi.encoder.Encoder=esapi.encoder.Encoder-class.html"><a title="esapi.encoder.Encoder" class="py-name" href="#" onclick="return doclink('link-15', 'Encoder', 'link-15');">Encoder</a></tt> </tt>
<a name="L31"></a><tt class="py-lineno"> 31</tt>  <tt class="py-line"><tt class="py-keyword">from</tt> <tt id="link-16" class="py-name"><a title="esapi" class="py-name" href="#" onclick="return doclink('link-16', 'esapi', 'link-0');">esapi</a></tt><tt class="py-op">.</tt><tt id="link-17" class="py-name" targets="Class Method esapi.core.ESAPI.http_utilities()=esapi.core.ESAPI-class.html#http_utilities,Module esapi.http_utilities=esapi.http_utilities-module.html"><a title="esapi.core.ESAPI.http_utilities
esapi.http_utilities" class="py-name" href="#" onclick="return doclink('link-17', 'http_utilities', 'link-17');">http_utilities</a></tt> <tt class="py-keyword">import</tt> <tt id="link-18" class="py-name" targets="Class esapi.http_utilities.HTTPUtilities=esapi.http_utilities.HTTPUtilities-class.html"><a title="esapi.http_utilities.HTTPUtilities" class="py-name" href="#" onclick="return doclink('link-18', 'HTTPUtilities', 'link-18');">HTTPUtilities</a></tt> </tt>
<a name="L32"></a><tt class="py-lineno"> 32</tt>  <tt class="py-line"><tt class="py-keyword">import</tt> <tt id="link-19" class="py-name"><a title="esapi" class="py-name" href="#" onclick="return doclink('link-19', 'esapi', 'link-0');">esapi</a></tt><tt class="py-op">.</tt><tt id="link-20" class="py-name" targets="Class Method esapi.core.ESAPI.user()=esapi.core.ESAPI-class.html#user,Module esapi.user=esapi.user-module.html"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-20', 'user', 'link-20');">user</a></tt> </tt>
<a name="L33"></a><tt class="py-lineno"> 33</tt>  <tt class="py-line"><tt class="py-keyword">from</tt> <tt id="link-21" class="py-name"><a title="esapi" class="py-name" href="#" onclick="return doclink('link-21', 'esapi', 'link-0');">esapi</a></tt><tt class="py-op">.</tt><tt id="link-22" class="py-name" targets="Module esapi.exceptions=esapi.exceptions-module.html"><a title="esapi.exceptions" class="py-name" href="#" onclick="return doclink('link-22', 'exceptions', 'link-22');">exceptions</a></tt> <tt class="py-keyword">import</tt> <tt id="link-23" class="py-name" targets="Class esapi.exceptions.AuthenticationException=esapi.exceptions.AuthenticationException-class.html"><a title="esapi.exceptions.AuthenticationException" class="py-name" href="#" onclick="return doclink('link-23', 'AuthenticationException', 'link-23');">AuthenticationException</a></tt><tt class="py-op">,</tt> <tt id="link-24" class="py-name" targets="Class esapi.exceptions.AuthenticationAccountsException=esapi.exceptions.AuthenticationAccountsException-class.html"><a title="esapi.exceptions.AuthenticationAccountsException" class="py-name" href="#" onclick="return doclink('link-24', 'AuthenticationAccountsException', 'link-24');">AuthenticationAccountsException</a></tt><tt class="py-op">,</tt> <tt id="link-25" class="py-name" targets="Class esapi.exceptions.AuthenticationLoginException=esapi.exceptions.AuthenticationLoginException-class.html"><a title="esapi.exceptions.AuthenticationLoginException" class="py-name" href="#" onclick="return doclink('link-25', 'AuthenticationLoginException', 'link-25');">AuthenticationLoginException</a></tt><tt class="py-op">,</tt> <tt id="link-26" class="py-name" targets="Class esapi.exceptions.AccessControlException=esapi.exceptions.AccessControlException-class.html"><a title="esapi.exceptions.AccessControlException" class="py-name" href="#" onclick="return doclink('link-26', 'AccessControlException', 'link-26');">AccessControlException</a></tt><tt class="py-op">,</tt> <tt id="link-27" class="py-name" targets="Class esapi.exceptions.AuthenticationCredentialsException=esapi.exceptions.AuthenticationCredentialsException-class.html"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-27', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">,</tt> <tt id="link-28" class="py-name" targets="Class esapi.exceptions.EncryptionException=esapi.exceptions.EncryptionException-class.html"><a title="esapi.exceptions.EncryptionException" class="py-name" href="#" onclick="return doclink('link-28', 'EncryptionException', 'link-28');">EncryptionException</a></tt><tt class="py-op">,</tt> <tt id="link-29" class="py-name" targets="Class esapi.exceptions.EnterpriseSecurityException=esapi.exceptions.EnterpriseSecurityException-class.html"><a title="esapi.exceptions.EnterpriseSecurityException" class="py-name" href="#" onclick="return doclink('link-29', 'EnterpriseSecurityException', 'link-29');">EnterpriseSecurityException</a></tt> </tt>
<a name="L34"></a><tt class="py-lineno"> 34</tt>  <tt class="py-line"> </tt>
<a name="ShelveAuthenticator"></a><div id="ShelveAuthenticator-def"><a name="L35"></a><tt class="py-lineno"> 35</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator-toggle" onclick="return toggle('ShelveAuthenticator');">-</a><tt class="py-line"><tt class="py-keyword">class</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html">ShelveAuthenticator</a><tt class="py-op">(</tt><tt class="py-base-class">Authenticator</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator-collapsed" style="display:none;" pad="+++" indent="++++"></div><div id="ShelveAuthenticator-expanded"><a name="L36"></a><tt class="py-lineno"> 36</tt>  <tt class="py-line">    <tt class="py-docstring">"""</tt> </tt>
<a name="L37"></a><tt class="py-lineno"> 37</tt>  <tt class="py-line"><tt class="py-docstring">    This implementation uses Python's shelve module to store serialized</tt> </tt>
<a name="L38"></a><tt class="py-lineno"> 38</tt>  <tt class="py-line"><tt class="py-docstring">    user objects in a binary file.</tt> </tt>
<a name="L39"></a><tt class="py-lineno"> 39</tt>  <tt class="py-line"><tt class="py-docstring">    """</tt> </tt>
<a name="L40"></a><tt class="py-lineno"> 40</tt>  <tt class="py-line">    <tt class="py-comment"># Key for user in session</tt> </tt>
<a name="L41"></a><tt class="py-lineno"> 41</tt>  <tt class="py-line">    <tt id="link-30" class="py-name" targets="Variable esapi.reference.shelve_authenticator.ShelveAuthenticator.USER=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#USER"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.USER" class="py-name" href="#" onclick="return doclink('link-30', 'USER', 'link-30');">USER</a></tt> <tt class="py-op">=</tt> <tt class="py-string">"ESAPIUserSessionKey"</tt> </tt>
<a name="L42"></a><tt class="py-lineno"> 42</tt>  <tt class="py-line">    <tt id="link-31" class="py-name" targets="Variable esapi.reference.shelve_authenticator.ShelveAuthenticator.USERS_FILENAME=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#USERS_FILENAME"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.USERS_FILENAME" class="py-name" href="#" onclick="return doclink('link-31', 'USERS_FILENAME', 'link-31');">USERS_FILENAME</a></tt> <tt class="py-op">=</tt> <tt class="py-string">"users.shelf"</tt> </tt>
<a name="L43"></a><tt class="py-lineno"> 43</tt>  <tt class="py-line">    <tt id="link-32" class="py-name" targets="Variable esapi.reference.shelve_authenticator.ShelveAuthenticator.CREDS_FILENAME=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#CREDS_FILENAME"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.CREDS_FILENAME" class="py-name" href="#" onclick="return doclink('link-32', 'CREDS_FILENAME', 'link-32');">CREDS_FILENAME</a></tt> <tt class="py-op">=</tt> <tt class="py-string">"creds.shelf"</tt> </tt>
<a name="L44"></a><tt class="py-lineno"> 44</tt>  <tt class="py-line">    <tt id="link-33" class="py-name" targets="Variable esapi.reference.shelve_authenticator.ShelveAuthenticator.MAX_ACCOUNT_NAME_LENGTH=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#MAX_ACCOUNT_NAME_LENGTH"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.MAX_ACCOUNT_NAME_LENGTH" class="py-name" href="#" onclick="return doclink('link-33', 'MAX_ACCOUNT_NAME_LENGTH', 'link-33');">MAX_ACCOUNT_NAME_LENGTH</a></tt> <tt class="py-op">=</tt> <tt class="py-number">250</tt> </tt>
<a name="L45"></a><tt class="py-lineno"> 45</tt>  <tt class="py-line">    <tt id="link-34" class="py-name" targets="Variable esapi.reference.shelve_authenticator.ShelveAuthenticator.MIN_PASSWORD_STRENGTH=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#MIN_PASSWORD_STRENGTH"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.MIN_PASSWORD_STRENGTH" class="py-name" href="#" onclick="return doclink('link-34', 'MIN_PASSWORD_STRENGTH', 'link-34');">MIN_PASSWORD_STRENGTH</a></tt> <tt class="py-op">=</tt> <tt class="py-number">16</tt> </tt>
<a name="L46"></a><tt class="py-lineno"> 46</tt>  <tt class="py-line">     </tt>
<a name="ShelveAuthenticator.__init__"></a><div id="ShelveAuthenticator.__init__-def"><a name="L47"></a><tt class="py-lineno"> 47</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.__init__-toggle" onclick="return toggle('ShelveAuthenticator.__init__');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#__init__">__init__</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.__init__-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.__init__-expanded"><a name="L48"></a><tt class="py-lineno"> 48</tt>  <tt class="py-line">        <tt id="link-35" class="py-name"><a title="esapi.authenticator.Authenticator" class="py-name" href="#" onclick="return doclink('link-35', 'Authenticator', 'link-12');">Authenticator</a></tt><tt class="py-op">.</tt><tt id="link-36" class="py-name" targets="Method esapi.access_reference_map.AccessReferenceMap.__init__()=esapi.access_reference_map.AccessReferenceMap-class.html#__init__,Method esapi.authenticator.Authenticator.__init__()=esapi.authenticator.Authenticator-class.html#__init__,Method esapi.codecs.codec.Codec.__init__()=esapi.codecs.codec.Codec-class.html#__init__,Method esapi.codecs.css.CSSCodec.__init__()=esapi.codecs.css.CSSCodec-class.html#__init__,Method esapi.codecs.html_entity.HTMLEntityCodec.__init__()=esapi.codecs.html_entity.HTMLEntityCodec-class.html#__init__,Method esapi.codecs.javascript.JavascriptCodec.__init__()=esapi.codecs.javascript.JavascriptCodec-class.html#__init__,Method esapi.codecs.ldap.LDAPCodec.__init__()=esapi.codecs.ldap.LDAPCodec-class.html#__init__,Method esapi.codecs.ldap_dn.LDAPDNCodec.__init__()=esapi.codecs.ldap_dn.LDAPDNCodec-class.html#__init__,Method esapi.codecs.mysql.MySQLCodec.__init__()=esapi.codecs.mysql.MySQLCodec-class.html#__init__,Method esapi.codecs.oracle.OracleCodec.__init__()=esapi.codecs.oracle.OracleCodec-class.html#__init__,Method esapi.codecs.percent.PercentCodec.__init__()=esapi.codecs.percent.PercentCodec-class.html#__init__,Method esapi.codecs.push_back_string.PushbackString.__init__()=esapi.codecs.push_back_string.PushbackString-class.html#__init__,Method esapi.codecs.unix.UnixCodec.__init__()=esapi.codecs.unix.UnixCodec-class.html#__init__,Method esapi.codecs.vbscript.VBScriptCodec.__init__()=esapi.codecs.vbscript.VBScriptCodec-class.html#__init__,Method esapi.codecs.windows.WindowsCodec.__init__()=esapi.codecs.windows.WindowsCodec-class.html#__init__,Method esapi.encoder.Encoder.__init__()=esapi.encoder.Encoder-class.html#__init__,Method esapi.encryptor.Encryptor.__init__()=esapi.encryptor.Encryptor-class.html#__init__,Method esapi.exceptions.AccessControlException.__init__()=esapi.exceptions.AccessControlException-class.html#__init__,Method esapi.exceptions.AuthenticationAccountsException.__init__()=esapi.exceptions.AuthenticationAccountsException-class.html#__init__,Method esapi.exceptions.AuthenticationCredentialsException.__init__()=esapi.exceptions.AuthenticationCredentialsException-class.html#__init__,Method esapi.exceptions.AuthenticationException.__init__()=esapi.exceptions.AuthenticationException-class.html#__init__,Method esapi.exceptions.AuthenticationHostException.__init__()=esapi.exceptions.AuthenticationHostException-class.html#__init__,Method esapi.exceptions.AuthenticationLoginException.__init__()=esapi.exceptions.AuthenticationLoginException-class.html#__init__,Method esapi.exceptions.AvailabilityException.__init__()=esapi.exceptions.AvailabilityException-class.html#__init__,Method esapi.exceptions.CertificateException.__init__()=esapi.exceptions.CertificateException-class.html#__init__,Method esapi.exceptions.ConfigurationException.__init__()=esapi.exceptions.ConfigurationException-class.html#__init__,Method esapi.exceptions.EncodingException.__init__()=esapi.exceptions.EncodingException-class.html#__init__,Method esapi.exceptions.EncryptionException.__init__()=esapi.exceptions.EncryptionException-class.html#__init__,Method esapi.exceptions.EnterpriseSecurityException.__init__()=esapi.exceptions.EnterpriseSecurityException-class.html#__init__,Method esapi.exceptions.ExecutorException.__init__()=esapi.exceptions.ExecutorException-class.html#__init__,Method esapi.exceptions.IntegrityException.__init__()=esapi.exceptions.IntegrityException-class.html#__init__,Method esapi.exceptions.IntrusionException.__init__()=esapi.exceptions.IntrusionException-class.html#__init__,Method esapi.exceptions.ValidationAvailabilityException.__init__()=esapi.exceptions.ValidationAvailabilityException-class.html#__init__,Method esapi.exceptions.ValidationException.__init__()=esapi.exceptions.ValidationException-class.html#__init__,Method esapi.exceptions.ValidationUploadException.__init__()=esapi.exceptions.ValidationUploadException-class.html#__init__,Method esapi.executor.Executor.__init__()=esapi.executor.Executor-class.html#__init__,Method esapi.http_utilities.HTTPUtilities.__init__()=esapi.http_utilities.HTTPUtilities-class.html#__init__,Method esapi.ihttp.IHttpRequest.__init__()=esapi.ihttp.IHttpRequest-class.html#__init__,Method esapi.ihttp.IHttpResponse.__init__()=esapi.ihttp.IHttpResponse-class.html#__init__,Method esapi.ihttp.ISession.__init__()=esapi.ihttp.ISession-class.html#__init__,Method esapi.log_factory.LogFactory.__init__()=esapi.log_factory.LogFactory-class.html#__init__,Method esapi.logger.Logger.EventType.__init__()=esapi.logger.Logger.EventType-class.html#__init__,Method esapi.logger.Logger.__init__()=esapi.logger.Logger-class.html#__init__,Method esapi.randomizer.Randomizer.__init__()=esapi.randomizer.Randomizer-class.html#__init__,Method esapi.reference.default_encoder.DefaultEncoder.__init__()=esapi.reference.default_encoder.DefaultEncoder-class.html#__init__,Method esapi.reference.default_encryptor.DefaultEncryptor.__init__()=esapi.reference.default_encryptor.DefaultEncryptor-class.html#__init__,Method esapi.reference.default_executor.DefaultExecutor.__init__()=esapi.reference.default_executor.DefaultExecutor-class.html#__init__,Method esapi.reference.default_http_utilities.DefaultHTTPUtilities.__init__()=esapi.reference.default_http_utilities.DefaultHTTPUtilities-class.html#__init__,Method esapi.reference.default_intrusion_detector.DefaultIntrusionDetector.Event.__init__()=esapi.reference.default_intrusion_detector.DefaultIntrusionDetector.Event-class.html#__init__,Method esapi.reference.default_intrusion_detector.DefaultIntrusionDetector.__init__()=esapi.reference.default_intrusion_detector.DefaultIntrusionDetector-class.html#__init__,Method esapi.reference.default_randomizer.DefaultRandomizer.__init__()=esapi.reference.default_randomizer.DefaultRandomizer-class.html#__init__,Method esapi.reference.default_security_configuration.DefaultSecurityConfiguration.__init__()=esapi.reference.default_security_configuration.DefaultSecurityConfiguration-class.html#__init__,Method esapi.reference.default_user.DefaultUser.__init__()=esapi.reference.default_user.DefaultUser-class.html#__init__,Method esapi.reference.default_validator.DefaultValidator.__init__()=esapi.reference.default_validator.DefaultValidator-class.html#__init__,Method esapi.reference.file_based_access_controller.FileBasedAccessController.__init__()=esapi.reference.file_based_access_controller.FileBasedAccessController-class.html#__init__,Method esapi.reference.file_based_access_controller.Rule.__init__()=esapi.reference.file_based_access_controller.Rule-class.html#__init__,Method esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.__init__()=esapi.reference.python_log_factory.PythonLogFactory.PythonLogger-class.html#__init__,Method esapi.reference.python_log_factory.PythonLogFactory.__init__()=esapi.reference.python_log_factory.PythonLogFactory-class.html#__init__,Method esapi.reference.random_access_reference_map.RandomAccessReferenceMap.__init__()=esapi.reference.random_access_reference_map.RandomAccessReferenceMap-class.html#__init__,Method esapi.reference.shelve_authenticator.ShelveAuthenticator.__init__()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#__init__,Method esapi.reference.user_credentials.UserCredentials.__init__()=esapi.reference.user_credentials.UserCredentials-class.html#__init__,Method esapi.reference.validation.base_validation_rule.BaseValidationRule.__init__()=esapi.reference.validation.base_validation_rule.BaseValidationRule-class.html#__init__,Method esapi.reference.validation.credit_card_validation_rule.CreditCardValidationRule.__init__()=esapi.reference.validation.credit_card_validation_rule.CreditCardValidationRule-class.html#__init__,Method esapi.reference.validation.date_validation_rule.DateValidationRule.__init__()=esapi.reference.validation.date_validation_rule.DateValidationRule-class.html#__init__,Method esapi.reference.validation.number_validation_rule.NumberValidationRule.__init__()=esapi.reference.validation.number_validation_rule.NumberValidationRule-class.html#__init__,Method esapi.reference.validation.string_validation_rule.StringValidationRule.__init__()=esapi.reference.validation.string_validation_rule.StringValidationRule-class.html#__init__,Method esapi.security_configuration.SecurityConfiguration.Threshold.__init__()=esapi.security_configuration.SecurityConfiguration.Threshold-class.html#__init__,Method esapi.security_configuration.SecurityConfiguration.__init__()=esapi.security_configuration.SecurityConfiguration-class.html#__init__,Method esapi.test.http.mock_http_request.MockHttpRequest.__init__()=esapi.test.http.mock_http_request.MockHttpRequest-class.html#__init__,Method esapi.test.http.mock_http_response.MockHttpResponse.__init__()=esapi.test.http.mock_http_response.MockHttpResponse-class.html#__init__,Method esapi.test.http.mock_session.MockSession.__init__()=esapi.test.http.mock_session.MockSession-class.html#__init__,Method esapi.test.test_access_controller.AccessControllerTest.__init__()=esapi.test.test_access_controller.AccessControllerTest-class.html#__init__,Method esapi.test.test_authenticator.ValidatorTest.__init__()=esapi.test.test_authenticator.ValidatorTest-class.html#__init__,Method esapi.test.test_encoder.EncoderTest.__init__()=esapi.test.test_encoder.EncoderTest-class.html#__init__,Method esapi.test.test_encryptor.EncryptorTest.__init__()=esapi.test.test_encryptor.EncryptorTest-class.html#__init__,Method esapi.test.test_executor.ExecutorTest.__init__()=esapi.test.test_executor.ExecutorTest-class.html#__init__,Method esapi.test.test_http_utilities.HTTPUtilitiesTest.__init__()=esapi.test.test_http_utilities.HTTPUtilitiesTest-class.html#__init__,Method esapi.test.test_intrusion_detector.IntrusionDetectorTest.__init__()=esapi.test.test_intrusion_detector.IntrusionDetectorTest-class.html#__init__,Method esapi.test.test_logger.LoggerTest.__init__()=esapi.test.test_logger.LoggerTest-class.html#__init__,Method esapi.test.test_random_access_map.ARMTest.__init__()=esapi.test.test_random_access_map.ARMTest-class.html#__init__,Method esapi.test.test_randomizer.RandomizerTest.__init__()=esapi.test.test_randomizer.RandomizerTest-class.html#__init__,Method esapi.test.test_user.UserTest.__init__()=esapi.test.test_user.UserTest-class.html#__init__,Method esapi.test.test_validator.ValidatorTest.__init__()=esapi.test.test_validator.ValidatorTest-class.html#__init__,Method esapi.user.AnonymousUser.__init__()=esapi.user.AnonymousUser-class.html#__init__,Method esapi.user.User.__init__()=esapi.user.User-class.html#__init__,Method esapi.validator.Validator.__init__()=esapi.validator.Validator-class.html#__init__"><a title="esapi.access_reference_map.AccessReferenceMap.__init__
esapi.authenticator.Authenticator.__init__
esapi.codecs.codec.Codec.__init__
esapi.codecs.css.CSSCodec.__init__
esapi.codecs.html_entity.HTMLEntityCodec.__init__
esapi.codecs.javascript.JavascriptCodec.__init__
esapi.codecs.ldap.LDAPCodec.__init__
esapi.codecs.ldap_dn.LDAPDNCodec.__init__
esapi.codecs.mysql.MySQLCodec.__init__
esapi.codecs.oracle.OracleCodec.__init__
esapi.codecs.percent.PercentCodec.__init__
esapi.codecs.push_back_string.PushbackString.__init__
esapi.codecs.unix.UnixCodec.__init__
esapi.codecs.vbscript.VBScriptCodec.__init__
esapi.codecs.windows.WindowsCodec.__init__
esapi.encoder.Encoder.__init__
esapi.encryptor.Encryptor.__init__
esapi.exceptions.AccessControlException.__init__
esapi.exceptions.AuthenticationAccountsException.__init__
esapi.exceptions.AuthenticationCredentialsException.__init__
esapi.exceptions.AuthenticationException.__init__
esapi.exceptions.AuthenticationHostException.__init__
esapi.exceptions.AuthenticationLoginException.__init__
esapi.exceptions.AvailabilityException.__init__
esapi.exceptions.CertificateException.__init__
esapi.exceptions.ConfigurationException.__init__
esapi.exceptions.EncodingException.__init__
esapi.exceptions.EncryptionException.__init__
esapi.exceptions.EnterpriseSecurityException.__init__
esapi.exceptions.ExecutorException.__init__
esapi.exceptions.IntegrityException.__init__
esapi.exceptions.IntrusionException.__init__
esapi.exceptions.ValidationAvailabilityException.__init__
esapi.exceptions.ValidationException.__init__
esapi.exceptions.ValidationUploadException.__init__
esapi.executor.Executor.__init__
esapi.http_utilities.HTTPUtilities.__init__
esapi.ihttp.IHttpRequest.__init__
esapi.ihttp.IHttpResponse.__init__
esapi.ihttp.ISession.__init__
esapi.log_factory.LogFactory.__init__
esapi.logger.Logger.EventType.__init__
esapi.logger.Logger.__init__
esapi.randomizer.Randomizer.__init__
esapi.reference.default_encoder.DefaultEncoder.__init__
esapi.reference.default_encryptor.DefaultEncryptor.__init__
esapi.reference.default_executor.DefaultExecutor.__init__
esapi.reference.default_http_utilities.DefaultHTTPUtilities.__init__
esapi.reference.default_intrusion_detector.DefaultIntrusionDetector.Event.__init__
esapi.reference.default_intrusion_detector.DefaultIntrusionDetector.__init__
esapi.reference.default_randomizer.DefaultRandomizer.__init__
esapi.reference.default_security_configuration.DefaultSecurityConfiguration.__init__
esapi.reference.default_user.DefaultUser.__init__
esapi.reference.default_validator.DefaultValidator.__init__
esapi.reference.file_based_access_controller.FileBasedAccessController.__init__
esapi.reference.file_based_access_controller.Rule.__init__
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.__init__
esapi.reference.python_log_factory.PythonLogFactory.__init__
esapi.reference.random_access_reference_map.RandomAccessReferenceMap.__init__
esapi.reference.shelve_authenticator.ShelveAuthenticator.__init__
esapi.reference.user_credentials.UserCredentials.__init__
esapi.reference.validation.base_validation_rule.BaseValidationRule.__init__
esapi.reference.validation.credit_card_validation_rule.CreditCardValidationRule.__init__
esapi.reference.validation.date_validation_rule.DateValidationRule.__init__
esapi.reference.validation.number_validation_rule.NumberValidationRule.__init__
esapi.reference.validation.string_validation_rule.StringValidationRule.__init__
esapi.security_configuration.SecurityConfiguration.Threshold.__init__
esapi.security_configuration.SecurityConfiguration.__init__
esapi.test.http.mock_http_request.MockHttpRequest.__init__
esapi.test.http.mock_http_response.MockHttpResponse.__init__
esapi.test.http.mock_session.MockSession.__init__
esapi.test.test_access_controller.AccessControllerTest.__init__
esapi.test.test_authenticator.ValidatorTest.__init__
esapi.test.test_encoder.EncoderTest.__init__
esapi.test.test_encryptor.EncryptorTest.__init__
esapi.test.test_executor.ExecutorTest.__init__
esapi.test.test_http_utilities.HTTPUtilitiesTest.__init__
esapi.test.test_intrusion_detector.IntrusionDetectorTest.__init__
esapi.test.test_logger.LoggerTest.__init__
esapi.test.test_random_access_map.ARMTest.__init__
esapi.test.test_randomizer.RandomizerTest.__init__
esapi.test.test_user.UserTest.__init__
esapi.test.test_validator.ValidatorTest.__init__
esapi.user.AnonymousUser.__init__
esapi.user.User.__init__
esapi.validator.Validator.__init__" class="py-name" href="#" onclick="return doclink('link-36', '__init__', 'link-36');">__init__</a></tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">)</tt> </tt>
<a name="L49"></a><tt class="py-lineno"> 49</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-37" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-37', 'logger', 'link-6');">logger</a></tt> <tt class="py-op">=</tt> <tt id="link-38" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-38', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-39" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-39', 'logger', 'link-6');">logger</a></tt><tt class="py-op">(</tt><tt class="py-string">"Authenticator"</tt><tt class="py-op">)</tt> </tt>
<a name="L50"></a><tt class="py-lineno"> 50</tt>  <tt class="py-line">         </tt>
<a name="L51"></a><tt class="py-lineno"> 51</tt>  <tt class="py-line">        <tt class="py-name">users_filename</tt> <tt class="py-op">=</tt> <tt id="link-40" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-40', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-41" class="py-name" targets="Class Method esapi.core.ESAPI.security_configuration()=esapi.core.ESAPI-class.html#security_configuration,Module esapi.security_configuration=esapi.security_configuration-module.html"><a title="esapi.core.ESAPI.security_configuration
esapi.security_configuration" class="py-name" href="#" onclick="return doclink('link-41', 'security_configuration', 'link-41');">security_configuration</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-42" class="py-name" targets="Method esapi.reference.default_security_configuration.DefaultSecurityConfiguration.get_resource_file()=esapi.reference.default_security_configuration.DefaultSecurityConfiguration-class.html#get_resource_file,Method esapi.security_configuration.SecurityConfiguration.get_resource_file()=esapi.security_configuration.SecurityConfiguration-class.html#get_resource_file"><a title="esapi.reference.default_security_configuration.DefaultSecurityConfiguration.get_resource_file
esapi.security_configuration.SecurityConfiguration.get_resource_file" class="py-name" href="#" onclick="return doclink('link-42', 'get_resource_file', 'link-42');">get_resource_file</a></tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-43" class="py-name"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.USERS_FILENAME" class="py-name" href="#" onclick="return doclink('link-43', 'USERS_FILENAME', 'link-31');">USERS_FILENAME</a></tt><tt class="py-op">)</tt> </tt>
<a name="L52"></a><tt class="py-lineno"> 52</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt> <tt class="py-op">=</tt> <tt class="py-name">shelve</tt><tt class="py-op">.</tt><tt class="py-name">open</tt><tt class="py-op">(</tt><tt class="py-name">users_filename</tt><tt class="py-op">,</tt> <tt class="py-name">writeback</tt><tt class="py-op">=</tt><tt class="py-name">True</tt><tt class="py-op">)</tt> </tt>
<a name="L53"></a><tt class="py-lineno"> 53</tt>  <tt class="py-line">         </tt>
<a name="L54"></a><tt class="py-lineno"> 54</tt>  <tt class="py-line">        <tt class="py-name">cred_filename</tt> <tt class="py-op">=</tt> <tt id="link-44" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-44', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-45" class="py-name"><a title="esapi.core.ESAPI.security_configuration
esapi.security_configuration" class="py-name" href="#" onclick="return doclink('link-45', 'security_configuration', 'link-41');">security_configuration</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-46" class="py-name"><a title="esapi.reference.default_security_configuration.DefaultSecurityConfiguration.get_resource_file
esapi.security_configuration.SecurityConfiguration.get_resource_file" class="py-name" href="#" onclick="return doclink('link-46', 'get_resource_file', 'link-42');">get_resource_file</a></tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-47" class="py-name"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.CREDS_FILENAME" class="py-name" href="#" onclick="return doclink('link-47', 'CREDS_FILENAME', 'link-32');">CREDS_FILENAME</a></tt><tt class="py-op">)</tt> </tt>
<a name="L55"></a><tt class="py-lineno"> 55</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">cred_shelf</tt> <tt class="py-op">=</tt> <tt class="py-name">shelve</tt><tt class="py-op">.</tt><tt class="py-name">open</tt><tt class="py-op">(</tt><tt class="py-name">cred_filename</tt><tt class="py-op">,</tt> <tt class="py-name">writeback</tt><tt class="py-op">=</tt><tt class="py-name">True</tt><tt class="py-op">)</tt> </tt>
<a name="L56"></a><tt class="py-lineno"> 56</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">current_user</tt> <tt class="py-op">=</tt> <tt id="link-48" class="py-name"><a title="esapi" class="py-name" href="#" onclick="return doclink('link-48', 'esapi', 'link-0');">esapi</a></tt><tt class="py-op">.</tt><tt id="link-49" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-49', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-50" class="py-name" targets="Class esapi.user.AnonymousUser=esapi.user.AnonymousUser-class.html"><a title="esapi.user.AnonymousUser" class="py-name" href="#" onclick="return doclink('link-50', 'AnonymousUser', 'link-50');">AnonymousUser</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
</div><a name="L57"></a><tt class="py-lineno"> 57</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.clear_current"></a><div id="ShelveAuthenticator.clear_current-def"><a name="L58"></a><tt class="py-lineno"> 58</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.clear_current-toggle" onclick="return toggle('ShelveAuthenticator.clear_current');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#clear_current">clear_current</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.clear_current-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.clear_current-expanded"><a name="L59"></a><tt class="py-lineno"> 59</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">current_user</tt> <tt class="py-op">=</tt> <tt id="link-51" class="py-name"><a title="esapi" class="py-name" href="#" onclick="return doclink('link-51', 'esapi', 'link-0');">esapi</a></tt><tt class="py-op">.</tt><tt id="link-52" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-52', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-53" class="py-name"><a title="esapi.user.AnonymousUser" class="py-name" href="#" onclick="return doclink('link-53', 'AnonymousUser', 'link-50');">AnonymousUser</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
</div><a name="L60"></a><tt class="py-lineno"> 60</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.clear_all_data"></a><div id="ShelveAuthenticator.clear_all_data-def"><a name="L61"></a><tt class="py-lineno"> 61</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.clear_all_data-toggle" onclick="return toggle('ShelveAuthenticator.clear_all_data');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#clear_all_data">clear_all_data</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.clear_all_data-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.clear_all_data-expanded"><a name="L62"></a><tt class="py-lineno"> 62</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">.</tt><tt class="py-name">clear</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L63"></a><tt class="py-lineno"> 63</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">cred_shelf</tt><tt class="py-op">.</tt><tt class="py-name">clear</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
</div><a name="L64"></a><tt class="py-lineno"> 64</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.login"></a><div id="ShelveAuthenticator.login-def"><a name="L65"></a><tt class="py-lineno"> 65</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.login-toggle" onclick="return toggle('ShelveAuthenticator.login');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#login">login</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">request</tt><tt class="py-op">=</tt><tt class="py-name">None</tt><tt class="py-op">,</tt> <tt class="py-param">response</tt><tt class="py-op">=</tt><tt class="py-name">None</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.login-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.login-expanded"><a name="L66"></a><tt class="py-lineno"> 66</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">request</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L67"></a><tt class="py-lineno"> 67</tt>  <tt class="py-line">            <tt class="py-name">request</tt> <tt class="py-op">=</tt> <tt id="link-54" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-54', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-55" class="py-name" targets="Class Method esapi.core.ESAPI.current_request()=esapi.core.ESAPI-class.html#current_request"><a title="esapi.core.ESAPI.current_request" class="py-name" href="#" onclick="return doclink('link-55', 'current_request', 'link-55');">current_request</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L68"></a><tt class="py-lineno"> 68</tt>  <tt class="py-line">         </tt>
<a name="L69"></a><tt class="py-lineno"> 69</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">response</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L70"></a><tt class="py-lineno"> 70</tt>  <tt class="py-line">            <tt class="py-name">response</tt> <tt class="py-op">=</tt> <tt id="link-56" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-56', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-57" class="py-name" targets="Class Method esapi.core.ESAPI.current_response()=esapi.core.ESAPI-class.html#current_response"><a title="esapi.core.ESAPI.current_response" class="py-name" href="#" onclick="return doclink('link-57', 'current_response', 'link-57');">current_response</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L71"></a><tt class="py-lineno"> 71</tt>  <tt class="py-line">             </tt>
<a name="L72"></a><tt class="py-lineno"> 72</tt>  <tt class="py-line">        <tt class="py-comment"># if there's a user in the session than use that</tt> </tt>
<a name="L73"></a><tt class="py-lineno"> 73</tt>  <tt class="py-line">        <tt id="link-58" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-58', 'user', 'link-20');">user</a></tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-59" class="py-name" targets="Method esapi.reference.shelve_authenticator.ShelveAuthenticator.get_user_from_session()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#get_user_from_session"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.get_user_from_session" class="py-name" href="#" onclick="return doclink('link-59', 'get_user_from_session', 'link-59');">get_user_from_session</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L74"></a><tt class="py-lineno"> 74</tt>  <tt class="py-line">         </tt>
<a name="L75"></a><tt class="py-lineno"> 75</tt>  <tt class="py-line">        <tt class="py-comment"># else if there is a remember token then use that</tt> </tt>
<a name="L76"></a><tt class="py-lineno"> 76</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-60" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-60', 'user', 'link-20');">user</a></tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L77"></a><tt class="py-lineno"> 77</tt>  <tt class="py-line">            <tt id="link-61" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-61', 'user', 'link-20');">user</a></tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-62" class="py-name" targets="Method esapi.reference.shelve_authenticator.ShelveAuthenticator.get_user_from_remember_token()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#get_user_from_remember_token"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.get_user_from_remember_token" class="py-name" href="#" onclick="return doclink('link-62', 'get_user_from_remember_token', 'link-62');">get_user_from_remember_token</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L78"></a><tt class="py-lineno"> 78</tt>  <tt class="py-line">             </tt>
<a name="L79"></a><tt class="py-lineno"> 79</tt>  <tt class="py-line">        <tt class="py-comment"># else try to verify credentials</tt> </tt>
<a name="L80"></a><tt class="py-lineno"> 80</tt>  <tt class="py-line">        <tt class="py-comment"># throws exception if login fails</tt> </tt>
<a name="L81"></a><tt class="py-lineno"> 81</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-63" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-63', 'user', 'link-20');">user</a></tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L82"></a><tt class="py-lineno"> 82</tt>  <tt class="py-line">            <tt id="link-64" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-64', 'user', 'link-20');">user</a></tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-65" class="py-name" targets="Method esapi.reference.shelve_authenticator.ShelveAuthenticator.login_with_username_and_password()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#login_with_username_and_password"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.login_with_username_and_password" class="py-name" href="#" onclick="return doclink('link-65', 'login_with_username_and_password', 'link-65');">login_with_username_and_password</a></tt><tt class="py-op">(</tt><tt class="py-name">request</tt><tt class="py-op">,</tt> <tt class="py-name">response</tt><tt class="py-op">)</tt> </tt>
<a name="L83"></a><tt class="py-lineno"> 83</tt>  <tt class="py-line">             </tt>
<a name="L84"></a><tt class="py-lineno"> 84</tt>  <tt class="py-line">        <tt class="py-comment"># set last host address</tt> </tt>
<a name="L85"></a><tt class="py-lineno"> 85</tt>  <tt class="py-line">        <tt id="link-66" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-66', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-67" class="py-name" targets="Variable esapi.reference.default_user.DefaultUser.last_host_address=esapi.reference.default_user.DefaultUser-class.html#last_host_address,Variable esapi.user.AnonymousUser.last_host_address=esapi.user.AnonymousUser-class.html#last_host_address,Variable esapi.user.User.last_host_address=esapi.user.User-class.html#last_host_address"><a title="esapi.reference.default_user.DefaultUser.last_host_address
esapi.user.AnonymousUser.last_host_address
esapi.user.User.last_host_address" class="py-name" href="#" onclick="return doclink('link-67', 'last_host_address', 'link-67');">last_host_address</a></tt> <tt class="py-op">=</tt> <tt class="py-name">request</tt><tt class="py-op">.</tt><tt class="py-name">remote_host</tt> </tt>
<a name="L86"></a><tt class="py-lineno"> 86</tt>  <tt class="py-line">         </tt>
<a name="L87"></a><tt class="py-lineno"> 87</tt>  <tt class="py-line">        <tt class="py-comment"># Warn if this authentication request was not POST or non-SSL </tt> </tt>
<a name="L88"></a><tt class="py-lineno"> 88</tt>  <tt class="py-line">        <tt class="py-comment"># connection, exposing credentials or session id</tt> </tt>
<a name="L89"></a><tt class="py-lineno"> 89</tt>  <tt class="py-line">        <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L90"></a><tt class="py-lineno"> 90</tt>  <tt class="py-line">            <tt id="link-68" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-68', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-69" class="py-name"><a title="esapi.core.ESAPI.http_utilities
esapi.http_utilities" class="py-name" href="#" onclick="return doclink('link-69', 'http_utilities', 'link-17');">http_utilities</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-70" class="py-name" targets="Method esapi.http_utilities.HTTPUtilities.assert_secure_request()=esapi.http_utilities.HTTPUtilities-class.html#assert_secure_request,Method esapi.reference.default_http_utilities.DefaultHTTPUtilities.assert_secure_request()=esapi.reference.default_http_utilities.DefaultHTTPUtilities-class.html#assert_secure_request"><a title="esapi.http_utilities.HTTPUtilities.assert_secure_request
esapi.reference.default_http_utilities.DefaultHTTPUtilities.assert_secure_request" class="py-name" href="#" onclick="return doclink('link-70', 'assert_secure_request', 'link-70');">assert_secure_request</a></tt><tt class="py-op">(</tt> <tt class="py-name">request</tt> <tt class="py-op">)</tt> </tt>
<a name="L91"></a><tt class="py-lineno"> 91</tt>  <tt class="py-line">        <tt class="py-keyword">except</tt> <tt id="link-71" class="py-name"><a title="esapi.exceptions.AccessControlException" class="py-name" href="#" onclick="return doclink('link-71', 'AccessControlException', 'link-26');">AccessControlException</a></tt><tt class="py-op">,</tt> <tt class="py-name">extra</tt><tt class="py-op">:</tt> </tt>
<a name="L92"></a><tt class="py-lineno"> 92</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-72" class="py-name"><a title="esapi.exceptions.AuthenticationException" class="py-name" href="#" onclick="return doclink('link-72', 'AuthenticationException', 'link-23');">AuthenticationException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L93"></a><tt class="py-lineno"> 93</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Attempt to login with an insecure request"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L94"></a><tt class="py-lineno"> 94</tt>  <tt class="py-line">                <tt class="py-name">extra</tt><tt class="py-op">=</tt><tt class="py-name">extra</tt> <tt class="py-op">)</tt> </tt>
<a name="L95"></a><tt class="py-lineno"> 95</tt>  <tt class="py-line">                 </tt>
<a name="L96"></a><tt class="py-lineno"> 96</tt>  <tt class="py-line">                 </tt>
<a name="L97"></a><tt class="py-lineno"> 97</tt>  <tt class="py-line">        <tt class="py-comment"># anonymous users cannot login</tt> </tt>
<a name="L98"></a><tt class="py-lineno"> 98</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-73" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-73', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-74" class="py-name" targets="Method esapi.reference.default_user.DefaultUser.is_anonymous()=esapi.reference.default_user.DefaultUser-class.html#is_anonymous,Method esapi.user.AnonymousUser.is_anonymous()=esapi.user.AnonymousUser-class.html#is_anonymous,Method esapi.user.User.is_anonymous()=esapi.user.User-class.html#is_anonymous"><a title="esapi.reference.default_user.DefaultUser.is_anonymous
esapi.user.AnonymousUser.is_anonymous
esapi.user.User.is_anonymous" class="py-name" href="#" onclick="return doclink('link-74', 'is_anonymous', 'link-74');">is_anonymous</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L99"></a><tt class="py-lineno"> 99</tt>  <tt class="py-line">            <tt id="link-75" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-75', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-76" class="py-name" targets="Method esapi.authenticator.Authenticator.logout()=esapi.authenticator.Authenticator-class.html#logout,Method esapi.reference.default_user.DefaultUser.logout()=esapi.reference.default_user.DefaultUser-class.html#logout,Method esapi.reference.shelve_authenticator.ShelveAuthenticator.logout()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#logout,Method esapi.user.AnonymousUser.logout()=esapi.user.AnonymousUser-class.html#logout,Method esapi.user.User.logout()=esapi.user.User-class.html#logout"><a title="esapi.authenticator.Authenticator.logout
esapi.reference.default_user.DefaultUser.logout
esapi.reference.shelve_authenticator.ShelveAuthenticator.logout
esapi.user.AnonymousUser.logout
esapi.user.User.logout" class="py-name" href="#" onclick="return doclink('link-76', 'logout', 'link-76');">logout</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L100"></a><tt class="py-lineno">100</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">.</tt><tt class="py-name">sync</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L101"></a><tt class="py-lineno">101</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-77" class="py-name"><a title="esapi.exceptions.AuthenticationLoginException" class="py-name" href="#" onclick="return doclink('link-77', 'AuthenticationLoginException', 'link-25');">AuthenticationLoginException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L102"></a><tt class="py-lineno">102</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Login failed"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L103"></a><tt class="py-lineno">103</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Anonymous user cannot be set to current user. User: %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L104"></a><tt class="py-lineno">104</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-78" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-78', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-79" class="py-name" targets="Variable esapi.reference.default_user.DefaultUser.account_name=esapi.reference.default_user.DefaultUser-class.html#account_name,Variable esapi.user.AnonymousUser.account_name=esapi.user.AnonymousUser-class.html#account_name,Variable esapi.user.User.account_name=esapi.user.User-class.html#account_name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-79', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L105"></a><tt class="py-lineno">105</tt>  <tt class="py-line">                 </tt>
<a name="L106"></a><tt class="py-lineno">106</tt>  <tt class="py-line">        <tt class="py-keyword">def</tt> <tt class="py-def-name">failed_login</tt><tt class="py-op">(</tt><tt class="py-param">user</tt><tt class="py-op">,</tt> <tt class="py-param">reason</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L107"></a><tt class="py-lineno">107</tt>  <tt class="py-line">            <tt id="link-80" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-80', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-81" class="py-name"><a title="esapi.authenticator.Authenticator.logout
esapi.reference.default_user.DefaultUser.logout
esapi.reference.shelve_authenticator.ShelveAuthenticator.logout
esapi.user.AnonymousUser.logout
esapi.user.User.logout" class="py-name" href="#" onclick="return doclink('link-81', 'logout', 'link-76');">logout</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L108"></a><tt class="py-lineno">108</tt>  <tt class="py-line">            <tt id="link-82" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-82', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-83" class="py-name" targets="Method esapi.reference.default_user.DefaultUser.increment_failed_login_count()=esapi.reference.default_user.DefaultUser-class.html#increment_failed_login_count,Method esapi.user.AnonymousUser.increment_failed_login_count()=esapi.user.AnonymousUser-class.html#increment_failed_login_count,Method esapi.user.User.increment_failed_login_count()=esapi.user.User-class.html#increment_failed_login_count"><a title="esapi.reference.default_user.DefaultUser.increment_failed_login_count
esapi.user.AnonymousUser.increment_failed_login_count
esapi.user.User.increment_failed_login_count" class="py-name" href="#" onclick="return doclink('link-83', 'increment_failed_login_count', 'link-83');">increment_failed_login_count</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L109"></a><tt class="py-lineno">109</tt>  <tt class="py-line">            <tt id="link-84" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-84', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt class="py-name">last_failed_login_count</tt> <tt class="py-op">=</tt> <tt class="py-name">datetime</tt><tt class="py-op">.</tt><tt class="py-name">now</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L110"></a><tt class="py-lineno">110</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">.</tt><tt class="py-name">sync</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L111"></a><tt class="py-lineno">111</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-85" class="py-name"><a title="esapi.exceptions.AuthenticationLoginException" class="py-name" href="#" onclick="return doclink('link-85', 'AuthenticationLoginException', 'link-25');">AuthenticationLoginException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L112"></a><tt class="py-lineno">112</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Login failed"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L113"></a><tt class="py-lineno">113</tt>  <tt class="py-line">                <tt class="py-name">reason</tt> <tt class="py-op">+</tt> <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">" User: %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L114"></a><tt class="py-lineno">114</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-86" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-86', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-87" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-87', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt><tt class="py-op">)</tt> </tt>
</div><a name="L115"></a><tt class="py-lineno">115</tt>  <tt class="py-line">                 </tt>
<a name="L116"></a><tt class="py-lineno">116</tt>  <tt class="py-line">        <tt class="py-comment"># disabled users cannot login</tt> </tt>
<a name="L117"></a><tt class="py-lineno">117</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-keyword">not</tt> <tt id="link-88" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-88', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-89" class="py-name" targets="Method esapi.reference.default_user.DefaultUser.is_enabled()=esapi.reference.default_user.DefaultUser-class.html#is_enabled,Method esapi.user.AnonymousUser.is_enabled()=esapi.user.AnonymousUser-class.html#is_enabled,Method esapi.user.User.is_enabled()=esapi.user.User-class.html#is_enabled"><a title="esapi.reference.default_user.DefaultUser.is_enabled
esapi.user.AnonymousUser.is_enabled
esapi.user.User.is_enabled" class="py-name" href="#" onclick="return doclink('link-89', 'is_enabled', 'link-89');">is_enabled</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L118"></a><tt class="py-lineno">118</tt>  <tt class="py-line">            <tt class="py-name">failed_login</tt><tt class="py-op">(</tt> <tt id="link-90" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-90', 'user', 'link-20');">user</a></tt><tt class="py-op">,</tt>  </tt>
<a name="L119"></a><tt class="py-lineno">119</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Disabled user cannot be set to current user."</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L120"></a><tt class="py-lineno">120</tt>  <tt class="py-line">                 </tt>
<a name="L121"></a><tt class="py-lineno">121</tt>  <tt class="py-line">        <tt class="py-comment"># locked users cannot login</tt> </tt>
<a name="L122"></a><tt class="py-lineno">122</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-91" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-91', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-92" class="py-name" targets="Method esapi.reference.default_user.DefaultUser.is_locked()=esapi.reference.default_user.DefaultUser-class.html#is_locked,Method esapi.user.AnonymousUser.is_locked()=esapi.user.AnonymousUser-class.html#is_locked,Method esapi.user.User.is_locked()=esapi.user.User-class.html#is_locked"><a title="esapi.reference.default_user.DefaultUser.is_locked
esapi.user.AnonymousUser.is_locked
esapi.user.User.is_locked" class="py-name" href="#" onclick="return doclink('link-92', 'is_locked', 'link-92');">is_locked</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L123"></a><tt class="py-lineno">123</tt>  <tt class="py-line">            <tt class="py-name">failed_login</tt><tt class="py-op">(</tt> <tt id="link-93" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-93', 'user', 'link-20');">user</a></tt><tt class="py-op">,</tt> </tt>
<a name="L124"></a><tt class="py-lineno">124</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Locked user cannot be set to current user."</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L125"></a><tt class="py-lineno">125</tt>  <tt class="py-line">                 </tt>
<a name="L126"></a><tt class="py-lineno">126</tt>  <tt class="py-line">                 </tt>
<a name="L127"></a><tt class="py-lineno">127</tt>  <tt class="py-line">        <tt class="py-comment"># Expired users cannot login</tt> </tt>
<a name="L128"></a><tt class="py-lineno">128</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-94" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-94', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-95" class="py-name" targets="Method esapi.reference.default_user.DefaultUser.is_expired()=esapi.reference.default_user.DefaultUser-class.html#is_expired,Method esapi.user.AnonymousUser.is_expired()=esapi.user.AnonymousUser-class.html#is_expired,Method esapi.user.User.is_expired()=esapi.user.User-class.html#is_expired"><a title="esapi.reference.default_user.DefaultUser.is_expired
esapi.user.AnonymousUser.is_expired
esapi.user.User.is_expired" class="py-name" href="#" onclick="return doclink('link-95', 'is_expired', 'link-95');">is_expired</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L129"></a><tt class="py-lineno">129</tt>  <tt class="py-line">            <tt class="py-name">failed_login</tt><tt class="py-op">(</tt> <tt id="link-96" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-96', 'user', 'link-20');">user</a></tt><tt class="py-op">,</tt> </tt>
<a name="L130"></a><tt class="py-lineno">130</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Expired user cannot be set to current user."</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L131"></a><tt class="py-lineno">131</tt>  <tt class="py-line">                 </tt>
<a name="L132"></a><tt class="py-lineno">132</tt>  <tt class="py-line">        <tt class="py-comment"># Check session inactivity timeout</tt> </tt>
<a name="L133"></a><tt class="py-lineno">133</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-97" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-97', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-98" class="py-name" targets="Method esapi.reference.default_user.DefaultUser.is_session_timeout()=esapi.reference.default_user.DefaultUser-class.html#is_session_timeout,Method esapi.user.AnonymousUser.is_session_timeout()=esapi.user.AnonymousUser-class.html#is_session_timeout,Method esapi.user.User.is_session_timeout()=esapi.user.User-class.html#is_session_timeout"><a title="esapi.reference.default_user.DefaultUser.is_session_timeout
esapi.user.AnonymousUser.is_session_timeout
esapi.user.User.is_session_timeout" class="py-name" href="#" onclick="return doclink('link-98', 'is_session_timeout', 'link-98');">is_session_timeout</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L134"></a><tt class="py-lineno">134</tt>  <tt class="py-line">            <tt class="py-name">failed_login</tt><tt class="py-op">(</tt> <tt id="link-99" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-99', 'user', 'link-20');">user</a></tt><tt class="py-op">,</tt> </tt>
<a name="L135"></a><tt class="py-lineno">135</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Session inactivity timeout."</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L136"></a><tt class="py-lineno">136</tt>  <tt class="py-line">                 </tt>
<a name="L137"></a><tt class="py-lineno">137</tt>  <tt class="py-line">        <tt class="py-comment"># Check session absolute timeout</tt> </tt>
<a name="L138"></a><tt class="py-lineno">138</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-100" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-100', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-101" class="py-name" targets="Method esapi.reference.default_user.DefaultUser.is_session_absolute_timeout()=esapi.reference.default_user.DefaultUser-class.html#is_session_absolute_timeout,Method esapi.user.AnonymousUser.is_session_absolute_timeout()=esapi.user.AnonymousUser-class.html#is_session_absolute_timeout,Method esapi.user.User.is_session_absolute_timeout()=esapi.user.User-class.html#is_session_absolute_timeout"><a title="esapi.reference.default_user.DefaultUser.is_session_absolute_timeout
esapi.user.AnonymousUser.is_session_absolute_timeout
esapi.user.User.is_session_absolute_timeout" class="py-name" href="#" onclick="return doclink('link-101', 'is_session_absolute_timeout', 'link-101');">is_session_absolute_timeout</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L139"></a><tt class="py-lineno">139</tt>  <tt class="py-line">            <tt class="py-name">failed_login</tt><tt class="py-op">(</tt> <tt id="link-102" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-102', 'user', 'link-20');">user</a></tt><tt class="py-op">,</tt> </tt>
<a name="L140"></a><tt class="py-lineno">140</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Session absolute timeout."</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L141"></a><tt class="py-lineno">141</tt>  <tt class="py-line">                 </tt>
<a name="L142"></a><tt class="py-lineno">142</tt>  <tt class="py-line">        <tt class="py-comment"># set locale to the user object in the session from request</tt> </tt>
<a name="L143"></a><tt class="py-lineno">143</tt>  <tt class="py-line">        <tt id="link-103" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-103', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-104" class="py-name" targets="Variable esapi.reference.default_user.DefaultUser.locale=esapi.reference.default_user.DefaultUser-class.html#locale,Variable esapi.user.AnonymousUser.locale=esapi.user.AnonymousUser-class.html#locale,Variable esapi.user.User.locale=esapi.user.User-class.html#locale"><a title="esapi.reference.default_user.DefaultUser.locale
esapi.user.AnonymousUser.locale
esapi.user.User.locale" class="py-name" href="#" onclick="return doclink('link-104', 'locale', 'link-104');">locale</a></tt> <tt class="py-op">=</tt> <tt class="py-name">request</tt><tt class="py-op">.</tt><tt class="py-name">headers</tt><tt class="py-op">[</tt><tt class="py-string">'Accept-Language'</tt><tt class="py-op">]</tt> </tt>
<a name="L144"></a><tt class="py-lineno">144</tt>  <tt class="py-line">         </tt>
<a name="L145"></a><tt class="py-lineno">145</tt>  <tt class="py-line">        <tt class="py-name">session</tt> <tt class="py-op">=</tt> <tt class="py-name">request</tt><tt class="py-op">.</tt><tt class="py-name">session</tt> </tt>
<a name="L146"></a><tt class="py-lineno">146</tt>  <tt class="py-line">        <tt id="link-105" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-105', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-106" class="py-name" targets="Method esapi.reference.default_user.DefaultUser.add_session()=esapi.reference.default_user.DefaultUser-class.html#add_session,Method esapi.user.AnonymousUser.add_session()=esapi.user.AnonymousUser-class.html#add_session,Method esapi.user.User.add_session()=esapi.user.User-class.html#add_session"><a title="esapi.reference.default_user.DefaultUser.add_session
esapi.user.AnonymousUser.add_session
esapi.user.User.add_session" class="py-name" href="#" onclick="return doclink('link-106', 'add_session', 'link-106');">add_session</a></tt><tt class="py-op">(</tt> <tt class="py-name">session</tt> <tt class="py-op">)</tt> </tt>
<a name="L147"></a><tt class="py-lineno">147</tt>  <tt class="py-line">        <tt class="py-name">session</tt><tt class="py-op">[</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-107" class="py-name"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.USER" class="py-name" href="#" onclick="return doclink('link-107', 'USER', 'link-30');">USER</a></tt><tt class="py-op">]</tt> <tt class="py-op">=</tt> <tt id="link-108" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-108', 'user', 'link-20');">user</a></tt> </tt>
<a name="L148"></a><tt class="py-lineno">148</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">current_user</tt> <tt class="py-op">=</tt> <tt id="link-109" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-109', 'user', 'link-20');">user</a></tt> </tt>
<a name="L149"></a><tt class="py-lineno">149</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">.</tt><tt class="py-name">sync</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L150"></a><tt class="py-lineno">150</tt>  <tt class="py-line">         </tt>
<a name="L151"></a><tt class="py-lineno">151</tt>  <tt class="py-line">        <tt class="py-keyword">return</tt> <tt id="link-110" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-110', 'user', 'link-20');">user</a></tt> </tt>
</div><a name="L152"></a><tt class="py-lineno">152</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.login_with_username_and_password"></a><div id="ShelveAuthenticator.login_with_username_and_password-def"><a name="L153"></a><tt class="py-lineno">153</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.login_with_username_and_password-toggle" onclick="return toggle('ShelveAuthenticator.login_with_username_and_password');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#login_with_username_and_password">login_with_username_and_password</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">request</tt><tt class="py-op">,</tt> <tt class="py-param">response</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.login_with_username_and_password-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.login_with_username_and_password-expanded"><a name="L154"></a><tt class="py-lineno">154</tt>  <tt class="py-line">        <tt class="py-name">username_param</tt> <tt class="py-op">=</tt> <tt id="link-111" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-111', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-112" class="py-name"><a title="esapi.core.ESAPI.security_configuration
esapi.security_configuration" class="py-name" href="#" onclick="return doclink('link-112', 'security_configuration', 'link-41');">security_configuration</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-113" class="py-name" targets="Method esapi.reference.default_security_configuration.DefaultSecurityConfiguration.get_username_parameter_name()=esapi.reference.default_security_configuration.DefaultSecurityConfiguration-class.html#get_username_parameter_name,Method esapi.security_configuration.SecurityConfiguration.get_username_parameter_name()=esapi.security_configuration.SecurityConfiguration-class.html#get_username_parameter_name"><a title="esapi.reference.default_security_configuration.DefaultSecurityConfiguration.get_username_parameter_name
esapi.security_configuration.SecurityConfiguration.get_username_parameter_name" class="py-name" href="#" onclick="return doclink('link-113', 'get_username_parameter_name', 'link-113');">get_username_parameter_name</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L155"></a><tt class="py-lineno">155</tt>  <tt class="py-line">        <tt class="py-name">password_param</tt> <tt class="py-op">=</tt> <tt id="link-114" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-114', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-115" class="py-name"><a title="esapi.core.ESAPI.security_configuration
esapi.security_configuration" class="py-name" href="#" onclick="return doclink('link-115', 'security_configuration', 'link-41');">security_configuration</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-116" class="py-name" targets="Method esapi.reference.default_security_configuration.DefaultSecurityConfiguration.get_password_parameter_name()=esapi.reference.default_security_configuration.DefaultSecurityConfiguration-class.html#get_password_parameter_name,Method esapi.security_configuration.SecurityConfiguration.get_password_parameter_name()=esapi.security_configuration.SecurityConfiguration-class.html#get_password_parameter_name"><a title="esapi.reference.default_security_configuration.DefaultSecurityConfiguration.get_password_parameter_name
esapi.security_configuration.SecurityConfiguration.get_password_parameter_name" class="py-name" href="#" onclick="return doclink('link-116', 'get_password_parameter_name', 'link-116');">get_password_parameter_name</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L156"></a><tt class="py-lineno">156</tt>  <tt class="py-line">         </tt>
<a name="L157"></a><tt class="py-lineno">157</tt>  <tt class="py-line">        <tt class="py-name">username</tt> <tt class="py-op">=</tt> <tt class="py-name">request</tt><tt class="py-op">.</tt><tt class="py-name">POST</tt><tt class="py-op">.</tt><tt id="link-117" class="py-name" targets="Method esapi.ihttp.ISession.get()=esapi.ihttp.ISession-class.html#get,Method esapi.test.http.mock_session.MockSession.get()=esapi.test.http.mock_session.MockSession-class.html#get"><a title="esapi.ihttp.ISession.get
esapi.test.http.mock_session.MockSession.get" class="py-name" href="#" onclick="return doclink('link-117', 'get', 'link-117');">get</a></tt><tt class="py-op">(</tt><tt class="py-name">username_param</tt><tt class="py-op">,</tt> <tt class="py-name">None</tt><tt class="py-op">)</tt> </tt>
<a name="L158"></a><tt class="py-lineno">158</tt>  <tt class="py-line">        <tt class="py-name">password</tt> <tt class="py-op">=</tt> <tt class="py-name">request</tt><tt class="py-op">.</tt><tt class="py-name">POST</tt><tt class="py-op">.</tt><tt id="link-118" class="py-name"><a title="esapi.ihttp.ISession.get
esapi.test.http.mock_session.MockSession.get" class="py-name" href="#" onclick="return doclink('link-118', 'get', 'link-117');">get</a></tt><tt class="py-op">(</tt><tt class="py-name">password_param</tt><tt class="py-op">,</tt> <tt class="py-name">None</tt><tt class="py-op">)</tt> </tt>
<a name="L159"></a><tt class="py-lineno">159</tt>  <tt class="py-line">         </tt>
<a name="L160"></a><tt class="py-lineno">160</tt>  <tt class="py-line">        <tt class="py-comment"># if a logged-in user is requesting login, log them out first</tt> </tt>
<a name="L161"></a><tt class="py-lineno">161</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">current_user</tt> <tt class="py-keyword">is</tt> <tt class="py-keyword">not</tt> <tt class="py-name">None</tt> <tt class="py-keyword">and</tt> <tt class="py-keyword">not</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">current_user</tt><tt class="py-op">.</tt><tt id="link-119" class="py-name"><a title="esapi.reference.default_user.DefaultUser.is_anonymous
esapi.user.AnonymousUser.is_anonymous
esapi.user.User.is_anonymous" class="py-name" href="#" onclick="return doclink('link-119', 'is_anonymous', 'link-74');">is_anonymous</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L162"></a><tt class="py-lineno">162</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-120" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-120', 'logger', 'link-6');">logger</a></tt><tt class="py-op">.</tt><tt id="link-121" class="py-name" targets="Method esapi.logger.Logger.warning()=esapi.logger.Logger-class.html#warning,Method esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.warning()=esapi.reference.python_log_factory.PythonLogFactory.PythonLogger-class.html#warning"><a title="esapi.logger.Logger.warning
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.warning" class="py-name" href="#" onclick="return doclink('link-121', 'warning', 'link-121');">warning</a></tt><tt class="py-op">(</tt> <tt id="link-122" class="py-name"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-122', 'Logger', 'link-7');">Logger</a></tt><tt class="py-op">.</tt><tt id="link-123" class="py-name" targets="Variable esapi.logger.Logger.SECURITY_SUCCESS=esapi.logger.Logger-class.html#SECURITY_SUCCESS"><a title="esapi.logger.Logger.SECURITY_SUCCESS" class="py-name" href="#" onclick="return doclink('link-123', 'SECURITY_SUCCESS', 'link-123');">SECURITY_SUCCESS</a></tt><tt class="py-op">,</tt> </tt>
<a name="L163"></a><tt class="py-lineno">163</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"User requested relogin. Performing logout then authentication"</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L164"></a><tt class="py-lineno">164</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">current_user</tt><tt class="py-op">.</tt><tt id="link-124" class="py-name"><a title="esapi.authenticator.Authenticator.logout
esapi.reference.default_user.DefaultUser.logout
esapi.reference.shelve_authenticator.ShelveAuthenticator.logout
esapi.user.AnonymousUser.logout
esapi.user.User.logout" class="py-name" href="#" onclick="return doclink('link-124', 'logout', 'link-76');">logout</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L165"></a><tt class="py-lineno">165</tt>  <tt class="py-line">             </tt>
<a name="L166"></a><tt class="py-lineno">166</tt>  <tt class="py-line">        <tt class="py-comment"># Authenticate with username and password</tt> </tt>
<a name="L167"></a><tt class="py-lineno">167</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">username</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt> <tt class="py-keyword">or</tt> <tt class="py-name">password</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L168"></a><tt class="py-lineno">168</tt>  <tt class="py-line">            <tt class="py-keyword">if</tt> <tt class="py-name">username</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L169"></a><tt class="py-lineno">169</tt>  <tt class="py-line">                <tt class="py-name">username</tt> <tt class="py-op">=</tt> <tt class="py-string">"unspecified user"</tt> </tt>
<a name="L170"></a><tt class="py-lineno">170</tt>  <tt class="py-line">                 </tt>
<a name="L171"></a><tt class="py-lineno">171</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-125" class="py-name"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-125', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L172"></a><tt class="py-lineno">172</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Authentication failed"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L173"></a><tt class="py-lineno">173</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Authentication failed for %(user)s because of null username or password"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L174"></a><tt class="py-lineno">174</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt class="py-name">username</tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L175"></a><tt class="py-lineno">175</tt>  <tt class="py-line">                 </tt>
<a name="L176"></a><tt class="py-lineno">176</tt>  <tt class="py-line">        <tt id="link-126" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-126', 'user', 'link-20');">user</a></tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-127" class="py-name" targets="Method esapi.authenticator.Authenticator.get_user()=esapi.authenticator.Authenticator-class.html#get_user,Method esapi.reference.shelve_authenticator.ShelveAuthenticator.get_user()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#get_user"><a title="esapi.authenticator.Authenticator.get_user
esapi.reference.shelve_authenticator.ShelveAuthenticator.get_user" class="py-name" href="#" onclick="return doclink('link-127', 'get_user', 'link-127');">get_user</a></tt><tt class="py-op">(</tt><tt class="py-name">username</tt><tt class="py-op">)</tt> </tt>
<a name="L177"></a><tt class="py-lineno">177</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-128" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-128', 'user', 'link-20');">user</a></tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L178"></a><tt class="py-lineno">178</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-129" class="py-name"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-129', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L179"></a><tt class="py-lineno">179</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Authentication failed"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L180"></a><tt class="py-lineno">180</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Authentication failed because user %(user)s doesn't exist"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L181"></a><tt class="py-lineno">181</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt class="py-name">username</tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L182"></a><tt class="py-lineno">182</tt>  <tt class="py-line">          </tt>
<a name="L183"></a><tt class="py-lineno">183</tt>  <tt class="py-line">        <tt id="link-130" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-130', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-131" class="py-name" targets="Method esapi.reference.default_user.DefaultUser.login_with_password()=esapi.reference.default_user.DefaultUser-class.html#login_with_password,Method esapi.user.AnonymousUser.login_with_password()=esapi.user.AnonymousUser-class.html#login_with_password,Method esapi.user.User.login_with_password()=esapi.user.User-class.html#login_with_password"><a title="esapi.reference.default_user.DefaultUser.login_with_password
esapi.user.AnonymousUser.login_with_password
esapi.user.User.login_with_password" class="py-name" href="#" onclick="return doclink('link-131', 'login_with_password', 'link-131');">login_with_password</a></tt><tt class="py-op">(</tt><tt class="py-name">password</tt><tt class="py-op">)</tt> </tt>
<a name="L184"></a><tt class="py-lineno">184</tt>  <tt class="py-line">         </tt>
<a name="L185"></a><tt class="py-lineno">185</tt>  <tt class="py-line">        <tt class="py-name">request</tt><tt class="py-op">.</tt><tt class="py-name">headers</tt><tt class="py-op">[</tt><tt id="link-132" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-132', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-133" class="py-name" targets="Variable esapi.reference.default_user.DefaultUser.csrf_token=esapi.reference.default_user.DefaultUser-class.html#csrf_token,Variable esapi.user.AnonymousUser.csrf_token=esapi.user.AnonymousUser-class.html#csrf_token,Variable esapi.user.User.csrf_token=esapi.user.User-class.html#csrf_token"><a title="esapi.reference.default_user.DefaultUser.csrf_token
esapi.user.AnonymousUser.csrf_token
esapi.user.User.csrf_token" class="py-name" href="#" onclick="return doclink('link-133', 'csrf_token', 'link-133');">csrf_token</a></tt><tt class="py-op">]</tt> <tt class="py-op">=</tt> <tt class="py-string">'authenticated'</tt> </tt>
<a name="L186"></a><tt class="py-lineno">186</tt>  <tt class="py-line">        <tt class="py-keyword">return</tt> <tt id="link-134" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-134', 'user', 'link-20');">user</a></tt> </tt>
</div><a name="L187"></a><tt class="py-lineno">187</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.get_user_from_session"></a><div id="ShelveAuthenticator.get_user_from_session-def"><a name="L188"></a><tt class="py-lineno">188</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.get_user_from_session-toggle" onclick="return toggle('ShelveAuthenticator.get_user_from_session');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#get_user_from_session">get_user_from_session</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.get_user_from_session-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.get_user_from_session-expanded"><a name="L189"></a><tt class="py-lineno">189</tt>  <tt class="py-line">        <tt class="py-name">session</tt> <tt class="py-op">=</tt> <tt id="link-135" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-135', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-136" class="py-name"><a title="esapi.core.ESAPI.http_utilities
esapi.http_utilities" class="py-name" href="#" onclick="return doclink('link-136', 'http_utilities', 'link-17');">http_utilities</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-137" class="py-name" targets="Method esapi.http_utilities.HTTPUtilities.get_current_request()=esapi.http_utilities.HTTPUtilities-class.html#get_current_request,Method esapi.reference.default_http_utilities.DefaultHTTPUtilities.get_current_request()=esapi.reference.default_http_utilities.DefaultHTTPUtilities-class.html#get_current_request"><a title="esapi.http_utilities.HTTPUtilities.get_current_request
esapi.reference.default_http_utilities.DefaultHTTPUtilities.get_current_request" class="py-name" href="#" onclick="return doclink('link-137', 'get_current_request', 'link-137');">get_current_request</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">session</tt> </tt>
<a name="L190"></a><tt class="py-lineno">190</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">session</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L191"></a><tt class="py-lineno">191</tt>  <tt class="py-line">            <tt class="py-keyword">return</tt> <tt class="py-name">None</tt> </tt>
<a name="L192"></a><tt class="py-lineno">192</tt>  <tt class="py-line">        <tt class="py-keyword">return</tt> <tt class="py-name">session</tt><tt class="py-op">.</tt><tt id="link-138" class="py-name"><a title="esapi.ihttp.ISession.get
esapi.test.http.mock_session.MockSession.get" class="py-name" href="#" onclick="return doclink('link-138', 'get', 'link-117');">get</a></tt><tt class="py-op">(</tt><tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-139" class="py-name"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.USER" class="py-name" href="#" onclick="return doclink('link-139', 'USER', 'link-30');">USER</a></tt><tt class="py-op">,</tt> <tt class="py-name">None</tt><tt class="py-op">)</tt> </tt>
</div><a name="L193"></a><tt class="py-lineno">193</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.get_user_from_remember_token"></a><div id="ShelveAuthenticator.get_user_from_remember_token-def"><a name="L194"></a><tt class="py-lineno">194</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.get_user_from_remember_token-toggle" onclick="return toggle('ShelveAuthenticator.get_user_from_remember_token');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#get_user_from_remember_token">get_user_from_remember_token</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">)</tt><tt class="py-op">:</tt>    </tt>
</div><a name="L195"></a><tt class="py-lineno">195</tt>  <tt class="py-line">        <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L196"></a><tt class="py-lineno">196</tt>  <tt class="py-line">            <tt class="py-name">token</tt> <tt class="py-op">=</tt> <tt id="link-140" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-140', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-141" class="py-name"><a title="esapi.core.ESAPI.http_utilities
esapi.http_utilities" class="py-name" href="#" onclick="return doclink('link-141', 'http_utilities', 'link-17');">http_utilities</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-142" class="py-name" targets="Method esapi.http_utilities.HTTPUtilities.get_cookie()=esapi.http_utilities.HTTPUtilities-class.html#get_cookie,Method esapi.reference.default_http_utilities.DefaultHTTPUtilities.get_cookie()=esapi.reference.default_http_utilities.DefaultHTTPUtilities-class.html#get_cookie"><a title="esapi.http_utilities.HTTPUtilities.get_cookie
esapi.reference.default_http_utilities.DefaultHTTPUtilities.get_cookie" class="py-name" href="#" onclick="return doclink('link-142', 'get_cookie', 'link-142');">get_cookie</a></tt><tt class="py-op">(</tt>   </tt>
<a name="L197"></a><tt class="py-lineno">197</tt>  <tt class="py-line">                <tt id="link-143" class="py-name"><a title="esapi.http_utilities.HTTPUtilities" class="py-name" href="#" onclick="return doclink('link-143', 'HTTPUtilities', 'link-18');">HTTPUtilities</a></tt><tt class="py-op">.</tt><tt id="link-144" class="py-name" targets="Variable esapi.http_utilities.HTTPUtilities.REMEMBER_TOKEN_COOKIE_NAME=esapi.http_utilities.HTTPUtilities-class.html#REMEMBER_TOKEN_COOKIE_NAME"><a title="esapi.http_utilities.HTTPUtilities.REMEMBER_TOKEN_COOKIE_NAME" class="py-name" href="#" onclick="return doclink('link-144', 'REMEMBER_TOKEN_COOKIE_NAME', 'link-144');">REMEMBER_TOKEN_COOKIE_NAME</a></tt><tt class="py-op">,</tt> </tt>
<a name="L198"></a><tt class="py-lineno">198</tt>  <tt class="py-line">                <tt id="link-145" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-145', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-146" class="py-name"><a title="esapi.core.ESAPI.current_request" class="py-name" href="#" onclick="return doclink('link-146', 'current_request', 'link-55');">current_request</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L199"></a><tt class="py-lineno">199</tt>  <tt class="py-line">            <tt class="py-keyword">if</tt> <tt class="py-name">token</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L200"></a><tt class="py-lineno">200</tt>  <tt class="py-line">                <tt class="py-keyword">return</tt> <tt class="py-name">None</tt> </tt>
<a name="L201"></a><tt class="py-lineno">201</tt>  <tt class="py-line">            <tt class="py-name">data</tt> <tt class="py-op">=</tt> <tt id="link-147" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-147', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-148" class="py-name" targets="Class Method esapi.core.ESAPI.encryptor()=esapi.core.ESAPI-class.html#encryptor,Module esapi.encryptor=esapi.encryptor-module.html"><a title="esapi.core.ESAPI.encryptor
esapi.encryptor" class="py-name" href="#" onclick="return doclink('link-148', 'encryptor', 'link-148');">encryptor</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-149" class="py-name" targets="Method esapi.encryptor.Encryptor.unseal()=esapi.encryptor.Encryptor-class.html#unseal,Method esapi.reference.default_encryptor.DefaultEncryptor.unseal()=esapi.reference.default_encryptor.DefaultEncryptor-class.html#unseal"><a title="esapi.encryptor.Encryptor.unseal
esapi.reference.default_encryptor.DefaultEncryptor.unseal" class="py-name" href="#" onclick="return doclink('link-149', 'unseal', 'link-149');">unseal</a></tt><tt class="py-op">(</tt> <tt class="py-name">token</tt> <tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">split</tt><tt class="py-op">(</tt><tt class="py-string">'|'</tt><tt class="py-op">)</tt> </tt>
<a name="L202"></a><tt class="py-lineno">202</tt>  <tt class="py-line">            <tt class="py-keyword">if</tt> <tt class="py-name">len</tt><tt class="py-op">(</tt><tt class="py-name">data</tt><tt class="py-op">)</tt> <tt class="py-op">!=</tt> <tt class="py-number">2</tt><tt class="py-op">:</tt> </tt>
<a name="L203"></a><tt class="py-lineno">203</tt>  <tt class="py-line">                <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-150" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-150', 'logger', 'link-6');">logger</a></tt><tt class="py-op">.</tt><tt id="link-151" class="py-name"><a title="esapi.logger.Logger.warning
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.warning" class="py-name" href="#" onclick="return doclink('link-151', 'warning', 'link-121');">warning</a></tt><tt class="py-op">(</tt> <tt id="link-152" class="py-name"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-152', 'Logger', 'link-7');">Logger</a></tt><tt class="py-op">.</tt><tt id="link-153" class="py-name" targets="Variable esapi.logger.Logger.SECURITY_FAILURE=esapi.logger.Logger-class.html#SECURITY_FAILURE"><a title="esapi.logger.Logger.SECURITY_FAILURE" class="py-name" href="#" onclick="return doclink('link-153', 'SECURITY_FAILURE', 'link-153');">SECURITY_FAILURE</a></tt><tt class="py-op">,</tt> </tt>
<a name="L204"></a><tt class="py-lineno">204</tt>  <tt class="py-line">                    <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Found corrupt or expired remember token"</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L205"></a><tt class="py-lineno">205</tt>  <tt class="py-line">                <tt id="link-154" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-154', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-155" class="py-name"><a title="esapi.core.ESAPI.http_utilities
esapi.http_utilities" class="py-name" href="#" onclick="return doclink('link-155', 'http_utilities', 'link-17');">http_utilities</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-156" class="py-name" targets="Method esapi.http_utilities.HTTPUtilities.kill_cookie()=esapi.http_utilities.HTTPUtilities-class.html#kill_cookie,Method esapi.reference.default_http_utilities.DefaultHTTPUtilities.kill_cookie()=esapi.reference.default_http_utilities.DefaultHTTPUtilities-class.html#kill_cookie"><a title="esapi.http_utilities.HTTPUtilities.kill_cookie
esapi.reference.default_http_utilities.DefaultHTTPUtilities.kill_cookie" class="py-name" href="#" onclick="return doclink('link-156', 'kill_cookie', 'link-156');">kill_cookie</a></tt><tt class="py-op">(</tt>  </tt>
<a name="L206"></a><tt class="py-lineno">206</tt>  <tt class="py-line">                    <tt id="link-157" class="py-name"><a title="esapi.http_utilities.HTTPUtilities" class="py-name" href="#" onclick="return doclink('link-157', 'HTTPUtilities', 'link-18');">HTTPUtilities</a></tt><tt class="py-op">.</tt><tt id="link-158" class="py-name"><a title="esapi.http_utilities.HTTPUtilities.REMEMBER_TOKEN_COOKIE_NAME" class="py-name" href="#" onclick="return doclink('link-158', 'REMEMBER_TOKEN_COOKIE_NAME', 'link-144');">REMEMBER_TOKEN_COOKIE_NAME</a></tt><tt class="py-op">,</tt> </tt>
<a name="L207"></a><tt class="py-lineno">207</tt>  <tt class="py-line">                    <tt id="link-159" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-159', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-160" class="py-name"><a title="esapi.core.ESAPI.current_request" class="py-name" href="#" onclick="return doclink('link-160', 'current_request', 'link-55');">current_request</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">,</tt>  </tt>
<a name="L208"></a><tt class="py-lineno">208</tt>  <tt class="py-line">                    <tt id="link-161" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-161', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-162" class="py-name"><a title="esapi.core.ESAPI.current_response" class="py-name" href="#" onclick="return doclink('link-162', 'current_response', 'link-57');">current_response</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L209"></a><tt class="py-lineno">209</tt>  <tt class="py-line">                <tt class="py-keyword">return</tt> <tt class="py-name">None</tt> </tt>
<a name="L210"></a><tt class="py-lineno">210</tt>  <tt class="py-line">             </tt>
<a name="L211"></a><tt class="py-lineno">211</tt>  <tt class="py-line">            <tt class="py-name">username</tt><tt class="py-op">,</tt> <tt class="py-name">password</tt> <tt class="py-op">=</tt> <tt class="py-name">data</tt> </tt>
<a name="L212"></a><tt class="py-lineno">212</tt>  <tt class="py-line">            <tt id="link-163" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-163', 'user', 'link-20');">user</a></tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-164" class="py-name"><a title="esapi.authenticator.Authenticator.get_user
esapi.reference.shelve_authenticator.ShelveAuthenticator.get_user" class="py-name" href="#" onclick="return doclink('link-164', 'get_user', 'link-127');">get_user</a></tt><tt class="py-op">(</tt><tt id="link-165" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-165', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">=</tt><tt class="py-name">username</tt><tt class="py-op">)</tt> </tt>
<a name="L213"></a><tt class="py-lineno">213</tt>  <tt class="py-line">            <tt class="py-keyword">if</tt> <tt id="link-166" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-166', 'user', 'link-20');">user</a></tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L214"></a><tt class="py-lineno">214</tt>  <tt class="py-line">                <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-167" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-167', 'logger', 'link-6');">logger</a></tt><tt class="py-op">.</tt><tt id="link-168" class="py-name"><a title="esapi.logger.Logger.warning
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.warning" class="py-name" href="#" onclick="return doclink('link-168', 'warning', 'link-121');">warning</a></tt><tt class="py-op">(</tt> <tt id="link-169" class="py-name"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-169', 'Logger', 'link-7');">Logger</a></tt><tt class="py-op">.</tt><tt id="link-170" class="py-name"><a title="esapi.logger.Logger.SECURITY_FAILURE" class="py-name" href="#" onclick="return doclink('link-170', 'SECURITY_FAILURE', 'link-153');">SECURITY_FAILURE</a></tt><tt class="py-op">,</tt> </tt>
<a name="L215"></a><tt class="py-lineno">215</tt>  <tt class="py-line">                    <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Found valid remember token but no user matching %(username)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L216"></a><tt class="py-lineno">216</tt>  <tt class="py-line">                    <tt class="py-op">{</tt><tt class="py-string">'username'</tt> <tt class="py-op">:</tt> <tt class="py-name">username</tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L217"></a><tt class="py-lineno">217</tt>  <tt class="py-line">                <tt class="py-keyword">return</tt> <tt class="py-name">None</tt> </tt>
<a name="L218"></a><tt class="py-lineno">218</tt>  <tt class="py-line">                 </tt>
<a name="L219"></a><tt class="py-lineno">219</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-171" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-171', 'logger', 'link-6');">logger</a></tt><tt class="py-op">.</tt><tt id="link-172" class="py-name" targets="Method esapi.logger.Logger.info()=esapi.logger.Logger-class.html#info,Method esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.info()=esapi.reference.python_log_factory.PythonLogFactory.PythonLogger-class.html#info"><a title="esapi.logger.Logger.info
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.info" class="py-name" href="#" onclick="return doclink('link-172', 'info', 'link-172');">info</a></tt><tt class="py-op">(</tt> <tt id="link-173" class="py-name"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-173', 'Logger', 'link-7');">Logger</a></tt><tt class="py-op">.</tt><tt id="link-174" class="py-name"><a title="esapi.logger.Logger.SECURITY_SUCCESS" class="py-name" href="#" onclick="return doclink('link-174', 'SECURITY_SUCCESS', 'link-123');">SECURITY_SUCCESS</a></tt><tt class="py-op">,</tt> </tt>
<a name="L220"></a><tt class="py-lineno">220</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Logging in user with remember token: %(username)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L221"></a><tt class="py-lineno">221</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'username'</tt> <tt class="py-op">:</tt> <tt id="link-175" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-175', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-176" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-176', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L222"></a><tt class="py-lineno">222</tt>  <tt class="py-line">            <tt id="link-177" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-177', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-178" class="py-name"><a title="esapi.reference.default_user.DefaultUser.login_with_password
esapi.user.AnonymousUser.login_with_password
esapi.user.User.login_with_password" class="py-name" href="#" onclick="return doclink('link-178', 'login_with_password', 'link-131');">login_with_password</a></tt><tt class="py-op">(</tt><tt class="py-name">password</tt><tt class="py-op">)</tt> </tt>
<a name="L223"></a><tt class="py-lineno">223</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">.</tt><tt class="py-name">sync</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L224"></a><tt class="py-lineno">224</tt>  <tt class="py-line">            <tt class="py-keyword">return</tt> <tt id="link-179" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-179', 'user', 'link-20');">user</a></tt> </tt>
<a name="L225"></a><tt class="py-lineno">225</tt>  <tt class="py-line">        <tt class="py-keyword">except</tt> <tt id="link-180" class="py-name"><a title="esapi.exceptions.AuthenticationException" class="py-name" href="#" onclick="return doclink('link-180', 'AuthenticationException', 'link-23');">AuthenticationException</a></tt><tt class="py-op">,</tt> <tt class="py-name">extra</tt><tt class="py-op">:</tt> </tt>
<a name="L226"></a><tt class="py-lineno">226</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-181" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-181', 'logger', 'link-6');">logger</a></tt><tt class="py-op">.</tt><tt id="link-182" class="py-name"><a title="esapi.logger.Logger.warning
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.warning" class="py-name" href="#" onclick="return doclink('link-182', 'warning', 'link-121');">warning</a></tt><tt class="py-op">(</tt> <tt id="link-183" class="py-name"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-183', 'Logger', 'link-7');">Logger</a></tt><tt class="py-op">.</tt><tt id="link-184" class="py-name"><a title="esapi.logger.Logger.SECURITY_FAILURE" class="py-name" href="#" onclick="return doclink('link-184', 'SECURITY_FAILURE', 'link-153');">SECURITY_FAILURE</a></tt><tt class="py-op">,</tt> </tt>
<a name="L227"></a><tt class="py-lineno">227</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Login via remember me cookie failed"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L228"></a><tt class="py-lineno">228</tt>  <tt class="py-line">                <tt class="py-name">extra</tt><tt class="py-op">=</tt><tt class="py-name">extra</tt> <tt class="py-op">)</tt> </tt>
<a name="L229"></a><tt class="py-lineno">229</tt>  <tt class="py-line">        <tt class="py-keyword">except</tt> <tt id="link-185" class="py-name"><a title="esapi.exceptions.EnterpriseSecurityException" class="py-name" href="#" onclick="return doclink('link-185', 'EnterpriseSecurityException', 'link-29');">EnterpriseSecurityException</a></tt><tt class="py-op">,</tt> <tt class="py-name">extra</tt><tt class="py-op">:</tt> </tt>
<a name="L230"></a><tt class="py-lineno">230</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-186" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-186', 'logger', 'link-6');">logger</a></tt><tt class="py-op">.</tt><tt id="link-187" class="py-name"><a title="esapi.logger.Logger.warning
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.warning" class="py-name" href="#" onclick="return doclink('link-187', 'warning', 'link-121');">warning</a></tt><tt class="py-op">(</tt> <tt id="link-188" class="py-name"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-188', 'Logger', 'link-7');">Logger</a></tt><tt class="py-op">.</tt><tt id="link-189" class="py-name"><a title="esapi.logger.Logger.SECURITY_FAILURE" class="py-name" href="#" onclick="return doclink('link-189', 'SECURITY_FAILURE', 'link-153');">SECURITY_FAILURE</a></tt><tt class="py-op">,</tt> </tt>
<a name="L231"></a><tt class="py-lineno">231</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Remember token was missing, corrupt, or expired"</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L232"></a><tt class="py-lineno">232</tt>  <tt class="py-line">                 </tt>
<a name="L233"></a><tt class="py-lineno">233</tt>  <tt class="py-line">        <tt id="link-190" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-190', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-191" class="py-name"><a title="esapi.core.ESAPI.http_utilities
esapi.http_utilities" class="py-name" href="#" onclick="return doclink('link-191', 'http_utilities', 'link-17');">http_utilities</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-192" class="py-name"><a title="esapi.http_utilities.HTTPUtilities.kill_cookie
esapi.reference.default_http_utilities.DefaultHTTPUtilities.kill_cookie" class="py-name" href="#" onclick="return doclink('link-192', 'kill_cookie', 'link-156');">kill_cookie</a></tt><tt class="py-op">(</tt>  </tt>
<a name="L234"></a><tt class="py-lineno">234</tt>  <tt class="py-line">            <tt id="link-193" class="py-name"><a title="esapi.http_utilities.HTTPUtilities" class="py-name" href="#" onclick="return doclink('link-193', 'HTTPUtilities', 'link-18');">HTTPUtilities</a></tt><tt class="py-op">.</tt><tt id="link-194" class="py-name"><a title="esapi.http_utilities.HTTPUtilities.REMEMBER_TOKEN_COOKIE_NAME" class="py-name" href="#" onclick="return doclink('link-194', 'REMEMBER_TOKEN_COOKIE_NAME', 'link-144');">REMEMBER_TOKEN_COOKIE_NAME</a></tt><tt class="py-op">,</tt>  </tt>
<a name="L235"></a><tt class="py-lineno">235</tt>  <tt class="py-line">            <tt id="link-195" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-195', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-196" class="py-name"><a title="esapi.core.ESAPI.current_request" class="py-name" href="#" onclick="return doclink('link-196', 'current_request', 'link-55');">current_request</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">,</tt>  </tt>
<a name="L236"></a><tt class="py-lineno">236</tt>  <tt class="py-line">            <tt id="link-197" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-197', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-198" class="py-name"><a title="esapi.core.ESAPI.current_response" class="py-name" href="#" onclick="return doclink('link-198', 'current_response', 'link-57');">current_response</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L237"></a><tt class="py-lineno">237</tt>  <tt class="py-line">             </tt>
<a name="L238"></a><tt class="py-lineno">238</tt>  <tt class="py-line">        <tt class="py-keyword">return</tt> <tt class="py-name">None</tt>   </tt>
</div><a name="L239"></a><tt class="py-lineno">239</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.verify_password"></a><div id="ShelveAuthenticator.verify_password-def"><a name="L240"></a><tt class="py-lineno">240</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.verify_password-toggle" onclick="return toggle('ShelveAuthenticator.verify_password');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#verify_password">verify_password</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">user</tt><tt class="py-op">,</tt> <tt class="py-param">password</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.verify_password-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.verify_password-expanded"><a name="L241"></a><tt class="py-lineno">241</tt>  <tt class="py-line">        <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L242"></a><tt class="py-lineno">242</tt>  <tt class="py-line">            <tt id="link-199" class="py-name" targets="Method esapi.encryptor.Encryptor.hash()=esapi.encryptor.Encryptor-class.html#hash,Method esapi.reference.default_encryptor.DefaultEncryptor.hash()=esapi.reference.default_encryptor.DefaultEncryptor-class.html#hash"><a title="esapi.encryptor.Encryptor.hash
esapi.reference.default_encryptor.DefaultEncryptor.hash" class="py-name" href="#" onclick="return doclink('link-199', 'hash', 'link-199');">hash</a></tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-200" class="py-name" targets="Method esapi.authenticator.Authenticator.hash_password()=esapi.authenticator.Authenticator-class.html#hash_password,Method esapi.reference.shelve_authenticator.ShelveAuthenticator.hash_password()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#hash_password"><a title="esapi.authenticator.Authenticator.hash_password
esapi.reference.shelve_authenticator.ShelveAuthenticator.hash_password" class="py-name" href="#" onclick="return doclink('link-200', 'hash_password', 'link-200');">hash_password</a></tt><tt class="py-op">(</tt><tt class="py-name">password</tt><tt class="py-op">,</tt> <tt id="link-201" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-201', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-202" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-202', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">)</tt> </tt>
<a name="L243"></a><tt class="py-lineno">243</tt>  <tt class="py-line">            <tt class="py-name">current_hash</tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-203" class="py-name" targets="Method esapi.reference.shelve_authenticator.ShelveAuthenticator.get_hashed_password()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#get_hashed_password,Method esapi.reference.user_credentials.UserCredentials.get_hashed_password()=esapi.reference.user_credentials.UserCredentials-class.html#get_hashed_password"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.get_hashed_password
esapi.reference.user_credentials.UserCredentials.get_hashed_password" class="py-name" href="#" onclick="return doclink('link-203', 'get_hashed_password', 'link-203');">get_hashed_password</a></tt><tt class="py-op">(</tt><tt id="link-204" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-204', 'user', 'link-20');">user</a></tt><tt class="py-op">)</tt> </tt>
<a name="L244"></a><tt class="py-lineno">244</tt>  <tt class="py-line">            <tt class="py-keyword">if</tt> <tt id="link-205" class="py-name"><a title="esapi.encryptor.Encryptor.hash
esapi.reference.default_encryptor.DefaultEncryptor.hash" class="py-name" href="#" onclick="return doclink('link-205', 'hash', 'link-199');">hash</a></tt> <tt class="py-op">==</tt> <tt class="py-name">current_hash</tt><tt class="py-op">:</tt> </tt>
<a name="L245"></a><tt class="py-lineno">245</tt>  <tt class="py-line">                <tt id="link-206" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-206', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-207" class="py-name" targets="Variable esapi.reference.default_user.DefaultUser.last_login_time=esapi.reference.default_user.DefaultUser-class.html#last_login_time,Variable esapi.user.AnonymousUser.last_login_time=esapi.user.AnonymousUser-class.html#last_login_time,Variable esapi.user.User.last_login_time=esapi.user.User-class.html#last_login_time"><a title="esapi.reference.default_user.DefaultUser.last_login_time
esapi.user.AnonymousUser.last_login_time
esapi.user.User.last_login_time" class="py-name" href="#" onclick="return doclink('link-207', 'last_login_time', 'link-207');">last_login_time</a></tt> <tt class="py-op">=</tt> <tt class="py-name">datetime</tt><tt class="py-op">.</tt><tt class="py-name">now</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L246"></a><tt class="py-lineno">246</tt>  <tt class="py-line">                <tt id="link-208" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-208', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt class="py-name">failed_login_count</tt> <tt class="py-op">=</tt> <tt class="py-number">0</tt> </tt>
<a name="L247"></a><tt class="py-lineno">247</tt>  <tt class="py-line">                <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-209" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-209', 'logger', 'link-6');">logger</a></tt><tt class="py-op">.</tt><tt id="link-210" class="py-name"><a title="esapi.logger.Logger.info
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.info" class="py-name" href="#" onclick="return doclink('link-210', 'info', 'link-172');">info</a></tt><tt class="py-op">(</tt> <tt id="link-211" class="py-name"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-211', 'Logger', 'link-7');">Logger</a></tt><tt class="py-op">.</tt><tt id="link-212" class="py-name"><a title="esapi.logger.Logger.SECURITY_SUCCESS" class="py-name" href="#" onclick="return doclink('link-212', 'SECURITY_SUCCESS', 'link-123');">SECURITY_SUCCESS</a></tt><tt class="py-op">,</tt> </tt>
<a name="L248"></a><tt class="py-lineno">248</tt>  <tt class="py-line">                    <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Password verified for %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L249"></a><tt class="py-lineno">249</tt>  <tt class="py-line">                    <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-213" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-213', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-214" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-214', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L250"></a><tt class="py-lineno">250</tt>  <tt class="py-line">                <tt class="py-keyword">return</tt> <tt class="py-name">True</tt> </tt>
<a name="L251"></a><tt class="py-lineno">251</tt>  <tt class="py-line">        <tt class="py-keyword">except</tt> <tt id="link-215" class="py-name"><a title="esapi.exceptions.EncryptionException" class="py-name" href="#" onclick="return doclink('link-215', 'EncryptionException', 'link-28');">EncryptionException</a></tt><tt class="py-op">,</tt> <tt class="py-name">extra</tt><tt class="py-op">:</tt> </tt>
<a name="L252"></a><tt class="py-lineno">252</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-216" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-216', 'logger', 'link-6');">logger</a></tt><tt class="py-op">.</tt><tt id="link-217" class="py-name" targets="Method esapi.logger.Logger.fatal()=esapi.logger.Logger-class.html#fatal,Method esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.fatal()=esapi.reference.python_log_factory.PythonLogFactory.PythonLogger-class.html#fatal"><a title="esapi.logger.Logger.fatal
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.fatal" class="py-name" href="#" onclick="return doclink('link-217', 'fatal', 'link-217');">fatal</a></tt><tt class="py-op">(</tt> <tt id="link-218" class="py-name"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-218', 'Logger', 'link-7');">Logger</a></tt><tt class="py-op">.</tt><tt id="link-219" class="py-name"><a title="esapi.logger.Logger.SECURITY_FAILURE" class="py-name" href="#" onclick="return doclink('link-219', 'SECURITY_FAILURE', 'link-153');">SECURITY_FAILURE</a></tt><tt class="py-op">,</tt> </tt>
<a name="L253"></a><tt class="py-lineno">253</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Encryption error verifying password for %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L254"></a><tt class="py-lineno">254</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-220" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-220', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-221" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-221', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L255"></a><tt class="py-lineno">255</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-222" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-222', 'logger', 'link-6');">logger</a></tt><tt class="py-op">.</tt><tt id="link-223" class="py-name"><a title="esapi.logger.Logger.fatal
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.fatal" class="py-name" href="#" onclick="return doclink('link-223', 'fatal', 'link-217');">fatal</a></tt><tt class="py-op">(</tt> <tt id="link-224" class="py-name"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-224', 'Logger', 'link-7');">Logger</a></tt><tt class="py-op">.</tt><tt id="link-225" class="py-name"><a title="esapi.logger.Logger.SECURITY_FAILURE" class="py-name" href="#" onclick="return doclink('link-225', 'SECURITY_FAILURE', 'link-153');">SECURITY_FAILURE</a></tt><tt class="py-op">,</tt> </tt>
<a name="L256"></a><tt class="py-lineno">256</tt>  <tt class="py-line">            <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Password verification failed for %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L257"></a><tt class="py-lineno">257</tt>  <tt class="py-line">            <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-226" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-226', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-227" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-227', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L258"></a><tt class="py-lineno">258</tt>  <tt class="py-line">        <tt class="py-keyword">return</tt> <tt class="py-name">False</tt> </tt>
</div><a name="L259"></a><tt class="py-lineno">259</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.get_hashed_password"></a><div id="ShelveAuthenticator.get_hashed_password-def"><a name="L260"></a><tt class="py-lineno">260</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.get_hashed_password-toggle" onclick="return toggle('ShelveAuthenticator.get_hashed_password');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#get_hashed_password">get_hashed_password</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">user</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.get_hashed_password-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.get_hashed_password-expanded"><a name="L261"></a><tt class="py-lineno">261</tt>  <tt class="py-line">        <tt class="py-name">key</tt> <tt class="py-op">=</tt> <tt id="link-228" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-228', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-229" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-229', 'account_name', 'link-79');">account_name</a></tt> </tt>
<a name="L262"></a><tt class="py-lineno">262</tt>  <tt class="py-line">        <tt class="py-name">credentials</tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">cred_shelf</tt><tt class="py-op">.</tt><tt id="link-230" class="py-name"><a title="esapi.ihttp.ISession.get
esapi.test.http.mock_session.MockSession.get" class="py-name" href="#" onclick="return doclink('link-230', 'get', 'link-117');">get</a></tt><tt class="py-op">(</tt><tt class="py-name">key</tt><tt class="py-op">,</tt> <tt class="py-name">None</tt><tt class="py-op">)</tt> </tt>
<a name="L263"></a><tt class="py-lineno">263</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">credentials</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L264"></a><tt class="py-lineno">264</tt>  <tt class="py-line">            <tt class="py-keyword">return</tt> <tt class="py-name">None</tt> </tt>
<a name="L265"></a><tt class="py-lineno">265</tt>  <tt class="py-line">             </tt>
<a name="L266"></a><tt class="py-lineno">266</tt>  <tt class="py-line">        <tt class="py-keyword">return</tt> <tt class="py-name">credentials</tt><tt class="py-op">.</tt><tt id="link-231" class="py-name"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.get_hashed_password
esapi.reference.user_credentials.UserCredentials.get_hashed_password" class="py-name" href="#" onclick="return doclink('link-231', 'get_hashed_password', 'link-203');">get_hashed_password</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
</div><a name="L267"></a><tt class="py-lineno">267</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.set_hashed_password"></a><div id="ShelveAuthenticator.set_hashed_password-def"><a name="L268"></a><tt class="py-lineno">268</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.set_hashed_password-toggle" onclick="return toggle('ShelveAuthenticator.set_hashed_password');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#set_hashed_password">set_hashed_password</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">user</tt><tt class="py-op">,</tt> <tt class="py-param">new_hash</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.set_hashed_password-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.set_hashed_password-expanded"><a name="L269"></a><tt class="py-lineno">269</tt>  <tt class="py-line">        <tt class="py-name">key</tt> <tt class="py-op">=</tt> <tt id="link-232" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-232', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-233" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-233', 'account_name', 'link-79');">account_name</a></tt> </tt>
<a name="L270"></a><tt class="py-lineno">270</tt>  <tt class="py-line">        <tt class="py-name">credentials</tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">cred_shelf</tt><tt class="py-op">.</tt><tt id="link-234" class="py-name"><a title="esapi.ihttp.ISession.get
esapi.test.http.mock_session.MockSession.get" class="py-name" href="#" onclick="return doclink('link-234', 'get', 'link-117');">get</a></tt><tt class="py-op">(</tt><tt class="py-name">key</tt><tt class="py-op">,</tt> <tt class="py-name">None</tt><tt class="py-op">)</tt> </tt>
<a name="L271"></a><tt class="py-lineno">271</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">credentials</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L272"></a><tt class="py-lineno">272</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">cred_shelf</tt><tt class="py-op">[</tt><tt class="py-name">key</tt><tt class="py-op">]</tt> <tt class="py-op">=</tt> <tt id="link-235" class="py-name"><a title="esapi.reference.user_credentials.UserCredentials" class="py-name" href="#" onclick="return doclink('link-235', 'UserCredentials', 'link-9');">UserCredentials</a></tt><tt class="py-op">(</tt><tt class="py-name">key</tt><tt class="py-op">)</tt> </tt>
<a name="L273"></a><tt class="py-lineno">273</tt>  <tt class="py-line">            <tt class="py-name">credentials</tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">cred_shelf</tt><tt class="py-op">.</tt><tt id="link-236" class="py-name"><a title="esapi.ihttp.ISession.get
esapi.test.http.mock_session.MockSession.get" class="py-name" href="#" onclick="return doclink('link-236', 'get', 'link-117');">get</a></tt><tt class="py-op">(</tt><tt class="py-name">key</tt><tt class="py-op">,</tt> <tt class="py-name">None</tt><tt class="py-op">)</tt> </tt>
<a name="L274"></a><tt class="py-lineno">274</tt>  <tt class="py-line">         </tt>
<a name="L275"></a><tt class="py-lineno">275</tt>  <tt class="py-line">        <tt class="py-name">credentials</tt><tt class="py-op">.</tt><tt id="link-237" class="py-name" targets="Method esapi.authenticator.Authenticator.change_password()=esapi.authenticator.Authenticator-class.html#change_password,Method esapi.reference.default_user.DefaultUser.change_password()=esapi.reference.default_user.DefaultUser-class.html#change_password,Method esapi.reference.shelve_authenticator.ShelveAuthenticator.change_password()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#change_password,Method esapi.reference.user_credentials.UserCredentials.change_password()=esapi.reference.user_credentials.UserCredentials-class.html#change_password,Method esapi.user.AnonymousUser.change_password()=esapi.user.AnonymousUser-class.html#change_password,Method esapi.user.User.change_password()=esapi.user.User-class.html#change_password"><a title="esapi.authenticator.Authenticator.change_password
esapi.reference.default_user.DefaultUser.change_password
esapi.reference.shelve_authenticator.ShelveAuthenticator.change_password
esapi.reference.user_credentials.UserCredentials.change_password
esapi.user.AnonymousUser.change_password
esapi.user.User.change_password" class="py-name" href="#" onclick="return doclink('link-237', 'change_password', 'link-237');">change_password</a></tt><tt class="py-op">(</tt><tt class="py-name">new_hash</tt><tt class="py-op">)</tt> </tt>
</div><a name="L276"></a><tt class="py-lineno">276</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.logout"></a><div id="ShelveAuthenticator.logout-def"><a name="L277"></a><tt class="py-lineno">277</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.logout-toggle" onclick="return toggle('ShelveAuthenticator.logout');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#logout">logout</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">user</tt><tt class="py-op">=</tt><tt class="py-name">None</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.logout-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.logout-expanded"><a name="L278"></a><tt class="py-lineno">278</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-238" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-238', 'user', 'link-20');">user</a></tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L279"></a><tt class="py-lineno">279</tt>  <tt class="py-line">            <tt id="link-239" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-239', 'user', 'link-20');">user</a></tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">current_user</tt> </tt>
<a name="L280"></a><tt class="py-lineno">280</tt>  <tt class="py-line">             </tt>
<a name="L281"></a><tt class="py-lineno">281</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-240" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-240', 'user', 'link-20');">user</a></tt> <tt class="py-keyword">is</tt> <tt class="py-keyword">not</tt> <tt class="py-name">None</tt> <tt class="py-keyword">and</tt> <tt class="py-keyword">not</tt> <tt id="link-241" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-241', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-242" class="py-name"><a title="esapi.reference.default_user.DefaultUser.is_anonymous
esapi.user.AnonymousUser.is_anonymous
esapi.user.User.is_anonymous" class="py-name" href="#" onclick="return doclink('link-242', 'is_anonymous', 'link-74');">is_anonymous</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L282"></a><tt class="py-lineno">282</tt>  <tt class="py-line">            <tt id="link-243" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-243', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-244" class="py-name"><a title="esapi.core.ESAPI.http_utilities
esapi.http_utilities" class="py-name" href="#" onclick="return doclink('link-244', 'http_utilities', 'link-17');">http_utilities</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-245" class="py-name"><a title="esapi.http_utilities.HTTPUtilities.kill_cookie
esapi.reference.default_http_utilities.DefaultHTTPUtilities.kill_cookie" class="py-name" href="#" onclick="return doclink('link-245', 'kill_cookie', 'link-156');">kill_cookie</a></tt><tt class="py-op">(</tt>  </tt>
<a name="L283"></a><tt class="py-lineno">283</tt>  <tt class="py-line">                <tt id="link-246" class="py-name"><a title="esapi.http_utilities.HTTPUtilities" class="py-name" href="#" onclick="return doclink('link-246', 'HTTPUtilities', 'link-18');">HTTPUtilities</a></tt><tt class="py-op">.</tt><tt id="link-247" class="py-name"><a title="esapi.http_utilities.HTTPUtilities.REMEMBER_TOKEN_COOKIE_NAME" class="py-name" href="#" onclick="return doclink('link-247', 'REMEMBER_TOKEN_COOKIE_NAME', 'link-144');">REMEMBER_TOKEN_COOKIE_NAME</a></tt><tt class="py-op">,</tt> </tt>
<a name="L284"></a><tt class="py-lineno">284</tt>  <tt class="py-line">                <tt id="link-248" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-248', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-249" class="py-name"><a title="esapi.core.ESAPI.current_request" class="py-name" href="#" onclick="return doclink('link-249', 'current_request', 'link-55');">current_request</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">,</tt>  </tt>
<a name="L285"></a><tt class="py-lineno">285</tt>  <tt class="py-line">                <tt id="link-250" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-250', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-251" class="py-name"><a title="esapi.core.ESAPI.current_response" class="py-name" href="#" onclick="return doclink('link-251', 'current_response', 'link-57');">current_response</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L286"></a><tt class="py-lineno">286</tt>  <tt class="py-line">             </tt>
<a name="L287"></a><tt class="py-lineno">287</tt>  <tt class="py-line">            <tt class="py-name">session</tt> <tt class="py-op">=</tt> <tt id="link-252" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-252', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-253" class="py-name"><a title="esapi.core.ESAPI.current_request" class="py-name" href="#" onclick="return doclink('link-253', 'current_request', 'link-55');">current_request</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt class="py-name">session</tt> </tt>
<a name="L288"></a><tt class="py-lineno">288</tt>  <tt class="py-line">             </tt>
<a name="L289"></a><tt class="py-lineno">289</tt>  <tt class="py-line">            <tt class="py-keyword">if</tt> <tt class="py-name">session</tt> <tt class="py-keyword">is</tt> <tt class="py-keyword">not</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L290"></a><tt class="py-lineno">290</tt>  <tt class="py-line">                <tt id="link-254" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-254', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-255" class="py-name" targets="Method esapi.reference.default_user.DefaultUser.remove_session()=esapi.reference.default_user.DefaultUser-class.html#remove_session,Method esapi.user.AnonymousUser.remove_session()=esapi.user.AnonymousUser-class.html#remove_session,Method esapi.user.User.remove_session()=esapi.user.User-class.html#remove_session"><a title="esapi.reference.default_user.DefaultUser.remove_session
esapi.user.AnonymousUser.remove_session
esapi.user.User.remove_session" class="py-name" href="#" onclick="return doclink('link-255', 'remove_session', 'link-255');">remove_session</a></tt><tt class="py-op">(</tt><tt class="py-name">session</tt><tt class="py-op">)</tt> </tt>
<a name="L291"></a><tt class="py-lineno">291</tt>  <tt class="py-line">                <tt class="py-name">session</tt><tt class="py-op">.</tt><tt id="link-256" class="py-name" targets="Method esapi.ihttp.ISession.invalidate()=esapi.ihttp.ISession-class.html#invalidate,Method esapi.test.http.mock_session.MockSession.invalidate()=esapi.test.http.mock_session.MockSession-class.html#invalidate"><a title="esapi.ihttp.ISession.invalidate
esapi.test.http.mock_session.MockSession.invalidate" class="py-name" href="#" onclick="return doclink('link-256', 'invalidate', 'link-256');">invalidate</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L292"></a><tt class="py-lineno">292</tt>  <tt class="py-line">                 </tt>
<a name="L293"></a><tt class="py-lineno">293</tt>  <tt class="py-line">            <tt id="link-257" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-257', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-258" class="py-name"><a title="esapi.core.ESAPI.http_utilities
esapi.http_utilities" class="py-name" href="#" onclick="return doclink('link-258', 'http_utilities', 'link-17');">http_utilities</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-259" class="py-name"><a title="esapi.http_utilities.HTTPUtilities.kill_cookie
esapi.reference.default_http_utilities.DefaultHTTPUtilities.kill_cookie" class="py-name" href="#" onclick="return doclink('link-259', 'kill_cookie', 'link-156');">kill_cookie</a></tt><tt class="py-op">(</tt>  </tt>
<a name="L294"></a><tt class="py-lineno">294</tt>  <tt class="py-line">                <tt id="link-260" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-260', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-261" class="py-name"><a title="esapi.core.ESAPI.http_utilities
esapi.http_utilities" class="py-name" href="#" onclick="return doclink('link-261', 'http_utilities', 'link-17');">http_utilities</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-262" class="py-name" targets="Variable esapi.http_utilities.HTTPUtilities.SESSION_TOKEN_NAME=esapi.http_utilities.HTTPUtilities-class.html#SESSION_TOKEN_NAME"><a title="esapi.http_utilities.HTTPUtilities.SESSION_TOKEN_NAME" class="py-name" href="#" onclick="return doclink('link-262', 'SESSION_TOKEN_NAME', 'link-262');">SESSION_TOKEN_NAME</a></tt><tt class="py-op">,</tt>  </tt>
<a name="L295"></a><tt class="py-lineno">295</tt>  <tt class="py-line">                <tt id="link-263" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-263', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-264" class="py-name"><a title="esapi.core.ESAPI.current_request" class="py-name" href="#" onclick="return doclink('link-264', 'current_request', 'link-55');">current_request</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L296"></a><tt class="py-lineno">296</tt>  <tt class="py-line">                <tt id="link-265" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-265', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-266" class="py-name"><a title="esapi.core.ESAPI.current_response" class="py-name" href="#" onclick="return doclink('link-266', 'current_response', 'link-57');">current_response</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L297"></a><tt class="py-lineno">297</tt>  <tt class="py-line">            <tt id="link-267" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-267', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt class="py-name">_logged_in</tt> <tt class="py-op">=</tt> <tt class="py-name">False</tt> </tt>
<a name="L298"></a><tt class="py-lineno">298</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-268" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-268', 'logger', 'link-6');">logger</a></tt><tt class="py-op">.</tt><tt id="link-269" class="py-name"><a title="esapi.logger.Logger.info
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.info" class="py-name" href="#" onclick="return doclink('link-269', 'info', 'link-172');">info</a></tt><tt class="py-op">(</tt><tt id="link-270" class="py-name"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-270', 'Logger', 'link-7');">Logger</a></tt><tt class="py-op">.</tt><tt id="link-271" class="py-name"><a title="esapi.logger.Logger.SECURITY_SUCCESS" class="py-name" href="#" onclick="return doclink('link-271', 'SECURITY_SUCCESS', 'link-123');">SECURITY_SUCCESS</a></tt><tt class="py-op">,</tt> <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Logout successful"</tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L299"></a><tt class="py-lineno">299</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">current_user</tt> <tt class="py-op">=</tt> <tt id="link-272" class="py-name"><a title="esapi" class="py-name" href="#" onclick="return doclink('link-272', 'esapi', 'link-0');">esapi</a></tt><tt class="py-op">.</tt><tt id="link-273" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-273', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-274" class="py-name"><a title="esapi.user.AnonymousUser" class="py-name" href="#" onclick="return doclink('link-274', 'AnonymousUser', 'link-50');">AnonymousUser</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
</div><a name="L300"></a><tt class="py-lineno">300</tt>  <tt class="py-line">             </tt>
<a name="ShelveAuthenticator.create_user"></a><div id="ShelveAuthenticator.create_user-def"><a name="L301"></a><tt class="py-lineno">301</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.create_user-toggle" onclick="return toggle('ShelveAuthenticator.create_user');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#create_user">create_user</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">account_name</tt><tt class="py-op">,</tt> <tt class="py-param">password1</tt><tt class="py-op">,</tt> <tt class="py-param">password2</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.create_user-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.create_user-expanded"><a name="L302"></a><tt class="py-lineno">302</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-275" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-275', 'account_name', 'link-79');">account_name</a></tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt>    </tt>
<a name="L303"></a><tt class="py-lineno">303</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-276" class="py-name"><a title="esapi.exceptions.AuthenticationAccountsException" class="py-name" href="#" onclick="return doclink('link-276', 'AuthenticationAccountsException', 'link-24');">AuthenticationAccountsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L304"></a><tt class="py-lineno">304</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Account creation failed"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L305"></a><tt class="py-lineno">305</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Attempt to create user with None account_name"</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L306"></a><tt class="py-lineno">306</tt>  <tt class="py-line">         </tt>
<a name="L307"></a><tt class="py-lineno">307</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-277" class="py-name"><a title="esapi.authenticator.Authenticator.get_user
esapi.reference.shelve_authenticator.ShelveAuthenticator.get_user" class="py-name" href="#" onclick="return doclink('link-277', 'get_user', 'link-127');">get_user</a></tt><tt class="py-op">(</tt><tt id="link-278" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-278', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">)</tt> <tt class="py-keyword">is</tt> <tt class="py-keyword">not</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L308"></a><tt class="py-lineno">308</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-279" class="py-name"><a title="esapi.exceptions.AuthenticationAccountsException" class="py-name" href="#" onclick="return doclink('link-279', 'AuthenticationAccountsException', 'link-24');">AuthenticationAccountsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L309"></a><tt class="py-lineno">309</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Account creation failed"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L310"></a><tt class="py-lineno">310</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Duplicate user creation denied for %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt>  </tt>
<a name="L311"></a><tt class="py-lineno">311</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-280" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-280', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L312"></a><tt class="py-lineno">312</tt>  <tt class="py-line">         </tt>
<a name="L313"></a><tt class="py-lineno">313</tt>  <tt class="py-line">        <tt id="link-281" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-281', 'account_name', 'link-79');">account_name</a></tt> <tt class="py-op">=</tt> <tt id="link-282" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-282', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">.</tt><tt class="py-name">lower</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L314"></a><tt class="py-lineno">314</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-283" class="py-name" targets="Method esapi.authenticator.Authenticator.verify_account_name_strength()=esapi.authenticator.Authenticator-class.html#verify_account_name_strength,Method esapi.reference.shelve_authenticator.ShelveAuthenticator.verify_account_name_strength()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#verify_account_name_strength"><a title="esapi.authenticator.Authenticator.verify_account_name_strength
esapi.reference.shelve_authenticator.ShelveAuthenticator.verify_account_name_strength" class="py-name" href="#" onclick="return doclink('link-283', 'verify_account_name_strength', 'link-283');">verify_account_name_strength</a></tt><tt class="py-op">(</tt><tt id="link-284" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-284', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">)</tt> </tt>
<a name="L315"></a><tt class="py-lineno">315</tt>  <tt class="py-line">         </tt>
<a name="L316"></a><tt class="py-lineno">316</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">password1</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt> <tt class="py-keyword">or</tt> <tt class="py-name">password2</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L317"></a><tt class="py-lineno">317</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-285" class="py-name"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-285', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L318"></a><tt class="py-lineno">318</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Invalid account name"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L319"></a><tt class="py-lineno">319</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Attempt to create account %(user)s with a None password"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L320"></a><tt class="py-lineno">320</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-286" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-286', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L321"></a><tt class="py-lineno">321</tt>  <tt class="py-line">                 </tt>
<a name="L322"></a><tt class="py-lineno">322</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-287" class="py-name" targets="Method esapi.authenticator.Authenticator.verify_password_strength()=esapi.authenticator.Authenticator-class.html#verify_password_strength,Method esapi.reference.shelve_authenticator.ShelveAuthenticator.verify_password_strength()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#verify_password_strength"><a title="esapi.authenticator.Authenticator.verify_password_strength
esapi.reference.shelve_authenticator.ShelveAuthenticator.verify_password_strength" class="py-name" href="#" onclick="return doclink('link-287', 'verify_password_strength', 'link-287');">verify_password_strength</a></tt><tt class="py-op">(</tt><tt class="py-name">password1</tt><tt class="py-op">)</tt> </tt>
<a name="L323"></a><tt class="py-lineno">323</tt>  <tt class="py-line">         </tt>
<a name="L324"></a><tt class="py-lineno">324</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">password1</tt> <tt class="py-op">!=</tt> <tt class="py-name">password2</tt><tt class="py-op">:</tt> </tt>
<a name="L325"></a><tt class="py-lineno">325</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-288" class="py-name"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-288', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L326"></a><tt class="py-lineno">326</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Passwords do not match"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L327"></a><tt class="py-lineno">327</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Passwords for %(user)s do not match"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L328"></a><tt class="py-lineno">328</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-289" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-289', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L329"></a><tt class="py-lineno">329</tt>  <tt class="py-line">                </tt>
<a name="L330"></a><tt class="py-lineno">330</tt>  <tt class="py-line">        <tt class="py-name">klass</tt> <tt class="py-op">=</tt> <tt id="link-290" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-290', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-291" class="py-name"><a title="esapi.core.ESAPI.security_configuration
esapi.security_configuration" class="py-name" href="#" onclick="return doclink('link-291', 'security_configuration', 'link-41');">security_configuration</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-292" class="py-name" targets="Method esapi.reference.default_security_configuration.DefaultSecurityConfiguration.get_class_for_interface()=esapi.reference.default_security_configuration.DefaultSecurityConfiguration-class.html#get_class_for_interface,Method esapi.security_configuration.SecurityConfiguration.get_class_for_interface()=esapi.security_configuration.SecurityConfiguration-class.html#get_class_for_interface"><a title="esapi.reference.default_security_configuration.DefaultSecurityConfiguration.get_class_for_interface
esapi.security_configuration.SecurityConfiguration.get_class_for_interface" class="py-name" href="#" onclick="return doclink('link-292', 'get_class_for_interface', 'link-292');">get_class_for_interface</a></tt><tt class="py-op">(</tt><tt class="py-string">'user'</tt><tt class="py-op">)</tt> </tt>
<a name="L331"></a><tt class="py-lineno">331</tt>  <tt class="py-line">        <tt id="link-293" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-293', 'user', 'link-20');">user</a></tt> <tt class="py-op">=</tt> <tt class="py-name">klass</tt><tt class="py-op">(</tt><tt id="link-294" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-294', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">)</tt> </tt>
<a name="L332"></a><tt class="py-lineno">332</tt>  <tt class="py-line">         </tt>
<a name="L333"></a><tt class="py-lineno">333</tt>  <tt class="py-line">        <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L334"></a><tt class="py-lineno">334</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-295" class="py-name" targets="Method esapi.reference.shelve_authenticator.ShelveAuthenticator.set_hashed_password()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#set_hashed_password"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.set_hashed_password" class="py-name" href="#" onclick="return doclink('link-295', 'set_hashed_password', 'link-295');">set_hashed_password</a></tt><tt class="py-op">(</tt><tt id="link-296" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-296', 'user', 'link-20');">user</a></tt><tt class="py-op">,</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-297" class="py-name"><a title="esapi.authenticator.Authenticator.hash_password
esapi.reference.shelve_authenticator.ShelveAuthenticator.hash_password" class="py-name" href="#" onclick="return doclink('link-297', 'hash_password', 'link-200');">hash_password</a></tt><tt class="py-op">(</tt><tt class="py-name">password1</tt><tt class="py-op">,</tt> <tt id="link-298" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-298', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">)</tt><tt class="py-op">)</tt> </tt>
<a name="L335"></a><tt class="py-lineno">335</tt>  <tt class="py-line">            <tt id="link-299" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-299', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-300" class="py-name" targets="Variable esapi.reference.default_user.DefaultUser.last_password_change_time=esapi.reference.default_user.DefaultUser-class.html#last_password_change_time,Variable esapi.user.AnonymousUser.last_password_change_time=esapi.user.AnonymousUser-class.html#last_password_change_time,Variable esapi.user.User.last_password_change_time=esapi.user.User-class.html#last_password_change_time"><a title="esapi.reference.default_user.DefaultUser.last_password_change_time
esapi.user.AnonymousUser.last_password_change_time
esapi.user.User.last_password_change_time" class="py-name" href="#" onclick="return doclink('link-300', 'last_password_change_time', 'link-300');">last_password_change_time</a></tt> <tt class="py-op">=</tt> <tt class="py-name">datetime</tt><tt class="py-op">.</tt><tt class="py-name">now</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L336"></a><tt class="py-lineno">336</tt>  <tt class="py-line">        <tt class="py-keyword">except</tt> <tt id="link-301" class="py-name"><a title="esapi.exceptions.EncryptionException" class="py-name" href="#" onclick="return doclink('link-301', 'EncryptionException', 'link-28');">EncryptionException</a></tt><tt class="py-op">,</tt> <tt class="py-name">extra</tt><tt class="py-op">:</tt> </tt>
<a name="L337"></a><tt class="py-lineno">337</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-302" class="py-name"><a title="esapi.exceptions.AuthenticationException" class="py-name" href="#" onclick="return doclink('link-302', 'AuthenticationException', 'link-23');">AuthenticationException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L338"></a><tt class="py-lineno">338</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Internal error"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L339"></a><tt class="py-lineno">339</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Error hashing password for %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt>  </tt>
<a name="L340"></a><tt class="py-lineno">340</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-303" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-303', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt><tt class="py-op">,</tt> </tt>
<a name="L341"></a><tt class="py-lineno">341</tt>  <tt class="py-line">                <tt class="py-name">extra</tt> <tt class="py-op">)</tt> </tt>
<a name="L342"></a><tt class="py-lineno">342</tt>  <tt class="py-line">                 </tt>
<a name="L343"></a><tt class="py-lineno">343</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">[</tt><tt id="link-304" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-304', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">]</tt> <tt class="py-op">=</tt> <tt id="link-305" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-305', 'user', 'link-20');">user</a></tt> </tt>
<a name="L344"></a><tt class="py-lineno">344</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-306" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-306', 'logger', 'link-6');">logger</a></tt><tt class="py-op">.</tt><tt id="link-307" class="py-name"><a title="esapi.logger.Logger.info
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.info" class="py-name" href="#" onclick="return doclink('link-307', 'info', 'link-172');">info</a></tt><tt class="py-op">(</tt> <tt id="link-308" class="py-name"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-308', 'Logger', 'link-7');">Logger</a></tt><tt class="py-op">.</tt><tt id="link-309" class="py-name"><a title="esapi.logger.Logger.SECURITY_SUCCESS" class="py-name" href="#" onclick="return doclink('link-309', 'SECURITY_SUCCESS', 'link-123');">SECURITY_SUCCESS</a></tt><tt class="py-op">,</tt> </tt>
<a name="L345"></a><tt class="py-lineno">345</tt>  <tt class="py-line">            <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"New user created: %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L346"></a><tt class="py-lineno">346</tt>  <tt class="py-line">            <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-310" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-310', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L347"></a><tt class="py-lineno">347</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">.</tt><tt class="py-name">sync</tt><tt class="py-op">(</tt><tt class="py-op">)</tt>   </tt>
<a name="L348"></a><tt class="py-lineno">348</tt>  <tt class="py-line">        <tt class="py-keyword">return</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">[</tt><tt id="link-311" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-311', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">]</tt> </tt>
</div><a name="L349"></a><tt class="py-lineno">349</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.generate_strong_password"></a><div id="ShelveAuthenticator.generate_strong_password-def"><a name="L350"></a><tt class="py-lineno">350</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.generate_strong_password-toggle" onclick="return toggle('ShelveAuthenticator.generate_strong_password');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#generate_strong_password">generate_strong_password</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.generate_strong_password-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.generate_strong_password-expanded"><a name="L351"></a><tt class="py-lineno">351</tt>  <tt class="py-line">        <tt class="py-docstring">"""</tt> </tt>
<a name="L352"></a><tt class="py-lineno">352</tt>  <tt class="py-line"><tt class="py-docstring">        Generates a strong password between 7 and 9 characters in length from</tt> </tt>
<a name="L353"></a><tt class="py-lineno">353</tt>  <tt class="py-line"><tt class="py-docstring">        a charset including uppercase and lowercase letters, numbers, and</tt> </tt>
<a name="L354"></a><tt class="py-lineno">354</tt>  <tt class="py-line"><tt class="py-docstring">        special characters. It excludes the confusing characters.</tt> </tt>
<a name="L355"></a><tt class="py-lineno">355</tt>  <tt class="py-line"><tt class="py-docstring">        """</tt> </tt>
<a name="L356"></a><tt class="py-lineno">356</tt>  <tt class="py-line">        <tt id="link-312" class="py-name" targets="Class Method esapi.core.ESAPI.randomizer()=esapi.core.ESAPI-class.html#randomizer,Module esapi.randomizer=esapi.randomizer-module.html"><a title="esapi.core.ESAPI.randomizer
esapi.randomizer" class="py-name" href="#" onclick="return doclink('link-312', 'randomizer', 'link-312');">randomizer</a></tt> <tt class="py-op">=</tt> <tt id="link-313" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-313', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-314" class="py-name"><a title="esapi.core.ESAPI.randomizer
esapi.randomizer" class="py-name" href="#" onclick="return doclink('link-314', 'randomizer', 'link-312');">randomizer</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L357"></a><tt class="py-lineno">357</tt>  <tt class="py-line">        <tt class="py-name">length</tt> <tt class="py-op">=</tt> <tt id="link-315" class="py-name"><a title="esapi.core.ESAPI.randomizer
esapi.randomizer" class="py-name" href="#" onclick="return doclink('link-315', 'randomizer', 'link-312');">randomizer</a></tt><tt class="py-op">.</tt><tt id="link-316" class="py-name" targets="Method esapi.randomizer.Randomizer.get_random_integer()=esapi.randomizer.Randomizer-class.html#get_random_integer,Method esapi.reference.default_randomizer.DefaultRandomizer.get_random_integer()=esapi.reference.default_randomizer.DefaultRandomizer-class.html#get_random_integer"><a title="esapi.randomizer.Randomizer.get_random_integer
esapi.reference.default_randomizer.DefaultRandomizer.get_random_integer" class="py-name" href="#" onclick="return doclink('link-316', 'get_random_integer', 'link-316');">get_random_integer</a></tt><tt class="py-op">(</tt><tt class="py-number">7</tt><tt class="py-op">,</tt> <tt class="py-number">9</tt><tt class="py-op">)</tt> </tt>
<a name="L358"></a><tt class="py-lineno">358</tt>  <tt class="py-line">         </tt>
<a name="L359"></a><tt class="py-lineno">359</tt>  <tt class="py-line">        <tt class="py-keyword">def</tt> <tt class="py-def-name">gen_password</tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L360"></a><tt class="py-lineno">360</tt>  <tt class="py-line">            <tt class="py-keyword">return</tt> <tt id="link-317" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-317', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-318" class="py-name"><a title="esapi.core.ESAPI.randomizer
esapi.randomizer" class="py-name" href="#" onclick="return doclink('link-318', 'randomizer', 'link-312');">randomizer</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-319" class="py-name" targets="Method esapi.randomizer.Randomizer.get_random_string()=esapi.randomizer.Randomizer-class.html#get_random_string,Method esapi.reference.default_randomizer.DefaultRandomizer.get_random_string()=esapi.reference.default_randomizer.DefaultRandomizer-class.html#get_random_string"><a title="esapi.randomizer.Randomizer.get_random_string
esapi.reference.default_randomizer.DefaultRandomizer.get_random_string" class="py-name" href="#" onclick="return doclink('link-319', 'get_random_string', 'link-319');">get_random_string</a></tt><tt class="py-op">(</tt>  </tt>
<a name="L361"></a><tt class="py-lineno">361</tt>  <tt class="py-line">                <tt class="py-name">length</tt><tt class="py-op">,</tt>  </tt>
<a name="L362"></a><tt class="py-lineno">362</tt>  <tt class="py-line">                <tt id="link-320" class="py-name"><a title="esapi.encoder.Encoder" class="py-name" href="#" onclick="return doclink('link-320', 'Encoder', 'link-15');">Encoder</a></tt><tt class="py-op">.</tt><tt id="link-321" class="py-name" targets="Variable esapi.encoder.Encoder.CHAR_PASSWORD_ALL=esapi.encoder.Encoder-class.html#CHAR_PASSWORD_ALL"><a title="esapi.encoder.Encoder.CHAR_PASSWORD_ALL" class="py-name" href="#" onclick="return doclink('link-321', 'CHAR_PASSWORD_ALL', 'link-321');">CHAR_PASSWORD_ALL</a></tt> <tt class="py-op">)</tt> </tt>
</div><a name="L363"></a><tt class="py-lineno">363</tt>  <tt class="py-line">             </tt>
<a name="L364"></a><tt class="py-lineno">364</tt>  <tt class="py-line">        <tt class="py-name">new_password</tt> <tt class="py-op">=</tt> <tt class="py-name">gen_password</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L365"></a><tt class="py-lineno">365</tt>  <tt class="py-line">        <tt class="py-comment"># Verify we meet password complexity requirements</tt> </tt>
<a name="L366"></a><tt class="py-lineno">366</tt>  <tt class="py-line">        <tt class="py-name">success</tt> <tt class="py-op">=</tt> <tt class="py-name">False</tt> </tt>
<a name="L367"></a><tt class="py-lineno">367</tt>  <tt class="py-line">        <tt class="py-keyword">while</tt> <tt class="py-keyword">not</tt> <tt class="py-name">success</tt><tt class="py-op">:</tt> </tt>
<a name="L368"></a><tt class="py-lineno">368</tt>  <tt class="py-line">            <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L369"></a><tt class="py-lineno">369</tt>  <tt class="py-line">                <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-322" class="py-name"><a title="esapi.authenticator.Authenticator.verify_password_strength
esapi.reference.shelve_authenticator.ShelveAuthenticator.verify_password_strength" class="py-name" href="#" onclick="return doclink('link-322', 'verify_password_strength', 'link-287');">verify_password_strength</a></tt><tt class="py-op">(</tt><tt class="py-name">new_password</tt><tt class="py-op">)</tt> </tt>
<a name="L370"></a><tt class="py-lineno">370</tt>  <tt class="py-line">                <tt class="py-name">success</tt> <tt class="py-op">=</tt> <tt class="py-name">True</tt> </tt>
<a name="L371"></a><tt class="py-lineno">371</tt>  <tt class="py-line">            <tt class="py-keyword">except</tt> <tt id="link-323" class="py-name"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-323', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">:</tt> </tt>
<a name="L372"></a><tt class="py-lineno">372</tt>  <tt class="py-line">                <tt class="py-name">new_password</tt> <tt class="py-op">=</tt> <tt class="py-name">gen_password</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L373"></a><tt class="py-lineno">373</tt>  <tt class="py-line">                 </tt>
<a name="L374"></a><tt class="py-lineno">374</tt>  <tt class="py-line">        <tt class="py-keyword">return</tt> <tt class="py-name">new_password</tt> </tt>
</div><a name="L375"></a><tt class="py-lineno">375</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.change_password"></a><div id="ShelveAuthenticator.change_password-def"><a name="L376"></a><tt class="py-lineno">376</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.change_password-toggle" onclick="return toggle('ShelveAuthenticator.change_password');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#change_password">change_password</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">user</tt><tt class="py-op">,</tt> <tt class="py-param">current_password</tt><tt class="py-op">,</tt> <tt class="py-param">new_password1</tt><tt class="py-op">,</tt> <tt class="py-param">new_password2</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.change_password-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.change_password-expanded"><a name="L377"></a><tt class="py-lineno">377</tt>  <tt class="py-line">        <tt class="py-keyword">try</tt><tt class="py-op">:</tt> </tt>
<a name="L378"></a><tt class="py-lineno">378</tt>  <tt class="py-line">            <tt class="py-name">current_hash</tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-324" class="py-name"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.get_hashed_password
esapi.reference.user_credentials.UserCredentials.get_hashed_password" class="py-name" href="#" onclick="return doclink('link-324', 'get_hashed_password', 'link-203');">get_hashed_password</a></tt><tt class="py-op">(</tt><tt id="link-325" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-325', 'user', 'link-20');">user</a></tt><tt class="py-op">)</tt> </tt>
<a name="L379"></a><tt class="py-lineno">379</tt>  <tt class="py-line">            <tt class="py-name">verify_hash</tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-326" class="py-name"><a title="esapi.authenticator.Authenticator.hash_password
esapi.reference.shelve_authenticator.ShelveAuthenticator.hash_password" class="py-name" href="#" onclick="return doclink('link-326', 'hash_password', 'link-200');">hash_password</a></tt><tt class="py-op">(</tt><tt class="py-name">current_password</tt><tt class="py-op">,</tt> <tt id="link-327" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-327', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-328" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-328', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">)</tt> </tt>
<a name="L380"></a><tt class="py-lineno">380</tt>  <tt class="py-line">            <tt class="py-keyword">if</tt> <tt class="py-name">current_hash</tt> <tt class="py-op">!=</tt> <tt class="py-name">verify_hash</tt><tt class="py-op">:</tt> </tt>
<a name="L381"></a><tt class="py-lineno">381</tt>  <tt class="py-line">                <tt class="py-keyword">raise</tt> <tt id="link-329" class="py-name"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-329', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L382"></a><tt class="py-lineno">382</tt>  <tt class="py-line">                    <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Password change failed"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L383"></a><tt class="py-lineno">383</tt>  <tt class="py-line">                    <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Authentication failed for password change on user: %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L384"></a><tt class="py-lineno">384</tt>  <tt class="py-line">                    <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-330" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-330', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-331" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-331', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L385"></a><tt class="py-lineno">385</tt>  <tt class="py-line">             </tt>
<a name="L386"></a><tt class="py-lineno">386</tt>  <tt class="py-line">            <tt class="py-keyword">if</tt> <tt class="py-op">(</tt><tt class="py-name">new_password1</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt> <tt class="py-keyword">or</tt>  </tt>
<a name="L387"></a><tt class="py-lineno">387</tt>  <tt class="py-line">                <tt class="py-name">new_password2</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt> <tt class="py-keyword">or</tt>  </tt>
<a name="L388"></a><tt class="py-lineno">388</tt>  <tt class="py-line">                <tt class="py-name">new_password2</tt> <tt class="py-op">!=</tt> <tt class="py-name">new_password2</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L389"></a><tt class="py-lineno">389</tt>  <tt class="py-line">                <tt class="py-keyword">raise</tt> <tt id="link-332" class="py-name"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-332', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L390"></a><tt class="py-lineno">390</tt>  <tt class="py-line">                    <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Password change failed"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L391"></a><tt class="py-lineno">391</tt>  <tt class="py-line">                    <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"New passwords do not match for password change on user: %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L392"></a><tt class="py-lineno">392</tt>  <tt class="py-line">                    <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-333" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-333', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-334" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-334', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L393"></a><tt class="py-lineno">393</tt>  <tt class="py-line">                     </tt>
<a name="L394"></a><tt class="py-lineno">394</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-335" class="py-name"><a title="esapi.authenticator.Authenticator.verify_password_strength
esapi.reference.shelve_authenticator.ShelveAuthenticator.verify_password_strength" class="py-name" href="#" onclick="return doclink('link-335', 'verify_password_strength', 'link-287');">verify_password_strength</a></tt><tt class="py-op">(</tt><tt class="py-name">new_password1</tt><tt class="py-op">,</tt> <tt class="py-name">current_password</tt><tt class="py-op">)</tt> </tt>
<a name="L395"></a><tt class="py-lineno">395</tt>  <tt class="py-line">            <tt id="link-336" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-336', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-337" class="py-name"><a title="esapi.reference.default_user.DefaultUser.last_password_change_time
esapi.user.AnonymousUser.last_password_change_time
esapi.user.User.last_password_change_time" class="py-name" href="#" onclick="return doclink('link-337', 'last_password_change_time', 'link-300');">last_password_change_time</a></tt> <tt class="py-op">=</tt> <tt class="py-name">datetime</tt><tt class="py-op">.</tt><tt class="py-name">now</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L396"></a><tt class="py-lineno">396</tt>  <tt class="py-line">             </tt>
<a name="L397"></a><tt class="py-lineno">397</tt>  <tt class="py-line">            <tt class="py-name">new_hash</tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-338" class="py-name"><a title="esapi.authenticator.Authenticator.hash_password
esapi.reference.shelve_authenticator.ShelveAuthenticator.hash_password" class="py-name" href="#" onclick="return doclink('link-338', 'hash_password', 'link-200');">hash_password</a></tt><tt class="py-op">(</tt><tt class="py-name">new_password1</tt><tt class="py-op">,</tt> <tt id="link-339" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-339', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-340" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-340', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">)</tt> </tt>
<a name="L398"></a><tt class="py-lineno">398</tt>  <tt class="py-line">            <tt class="py-keyword">if</tt> <tt class="py-name">new_hash</tt> <tt class="py-keyword">in</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-341" class="py-name" targets="Method esapi.reference.shelve_authenticator.ShelveAuthenticator.get_old_password_hashes()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#get_old_password_hashes,Method esapi.reference.user_credentials.UserCredentials.get_old_password_hashes()=esapi.reference.user_credentials.UserCredentials-class.html#get_old_password_hashes"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.get_old_password_hashes
esapi.reference.user_credentials.UserCredentials.get_old_password_hashes" class="py-name" href="#" onclick="return doclink('link-341', 'get_old_password_hashes', 'link-341');">get_old_password_hashes</a></tt><tt class="py-op">(</tt><tt id="link-342" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-342', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-343" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-343', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L399"></a><tt class="py-lineno">399</tt>  <tt class="py-line">                <tt class="py-keyword">raise</tt> <tt id="link-344" class="py-name"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-344', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L400"></a><tt class="py-lineno">400</tt>  <tt class="py-line">                    <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Password change failed"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L401"></a><tt class="py-lineno">401</tt>  <tt class="py-line">                    <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Password matches a recent password for user: %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L402"></a><tt class="py-lineno">402</tt>  <tt class="py-line">                    <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-345" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-345', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-346" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-346', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L403"></a><tt class="py-lineno">403</tt>  <tt class="py-line">                     </tt>
<a name="L404"></a><tt class="py-lineno">404</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-347" class="py-name"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.set_hashed_password" class="py-name" href="#" onclick="return doclink('link-347', 'set_hashed_password', 'link-295');">set_hashed_password</a></tt><tt class="py-op">(</tt><tt id="link-348" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-348', 'user', 'link-20');">user</a></tt><tt class="py-op">,</tt> <tt class="py-name">new_hash</tt><tt class="py-op">)</tt> </tt>
<a name="L405"></a><tt class="py-lineno">405</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-349" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-349', 'logger', 'link-6');">logger</a></tt><tt class="py-op">.</tt><tt id="link-350" class="py-name"><a title="esapi.logger.Logger.info
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.info" class="py-name" href="#" onclick="return doclink('link-350', 'info', 'link-172');">info</a></tt><tt class="py-op">(</tt> <tt id="link-351" class="py-name"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-351', 'Logger', 'link-7');">Logger</a></tt><tt class="py-op">.</tt><tt id="link-352" class="py-name"><a title="esapi.logger.Logger.SECURITY_SUCCESS" class="py-name" href="#" onclick="return doclink('link-352', 'SECURITY_SUCCESS', 'link-123');">SECURITY_SUCCESS</a></tt><tt class="py-op">,</tt> </tt>
<a name="L406"></a><tt class="py-lineno">406</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Password changed for user: %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L407"></a><tt class="py-lineno">407</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-353" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-353', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-354" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-354', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L408"></a><tt class="py-lineno">408</tt>  <tt class="py-line">                 </tt>
<a name="L409"></a><tt class="py-lineno">409</tt>  <tt class="py-line">        <tt class="py-keyword">except</tt> <tt id="link-355" class="py-name"><a title="esapi.exceptions.EncryptionException" class="py-name" href="#" onclick="return doclink('link-355', 'EncryptionException', 'link-28');">EncryptionException</a></tt><tt class="py-op">,</tt> <tt class="py-name">extra</tt><tt class="py-op">:</tt> </tt>
<a name="L410"></a><tt class="py-lineno">410</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-356" class="py-name"><a title="esapi.exceptions.AuthenticationException" class="py-name" href="#" onclick="return doclink('link-356', 'AuthenticationException', 'link-23');">AuthenticationException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L411"></a><tt class="py-lineno">411</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Password change failed"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L412"></a><tt class="py-lineno">412</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Encryption exception changing password for %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L413"></a><tt class="py-lineno">413</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-357" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-357', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-358" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-358', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt><tt class="py-op">,</tt> </tt>
<a name="L414"></a><tt class="py-lineno">414</tt>  <tt class="py-line">                <tt class="py-name">extra</tt> <tt class="py-op">)</tt> </tt>
</div><a name="L415"></a><tt class="py-lineno">415</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.get_user"></a><div id="ShelveAuthenticator.get_user-def"><a name="L416"></a><tt class="py-lineno">416</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.get_user-toggle" onclick="return toggle('ShelveAuthenticator.get_user');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#get_user">get_user</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">account_name</tt><tt class="py-op">=</tt><tt class="py-name">None</tt><tt class="py-op">,</tt> <tt class="py-param">account_id</tt><tt class="py-op">=</tt><tt class="py-name">None</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.get_user-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.get_user-expanded"><a name="L417"></a><tt class="py-lineno">417</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-359" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-359', 'account_name', 'link-79');">account_name</a></tt> <tt class="py-keyword">is</tt> <tt class="py-keyword">not</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L418"></a><tt class="py-lineno">418</tt>  <tt class="py-line">            <tt id="link-360" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-360', 'account_name', 'link-79');">account_name</a></tt> <tt class="py-op">=</tt> <tt id="link-361" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-361', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">.</tt><tt class="py-name">lower</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L419"></a><tt class="py-lineno">419</tt>  <tt class="py-line">            <tt class="py-keyword">return</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">.</tt><tt id="link-362" class="py-name"><a title="esapi.ihttp.ISession.get
esapi.test.http.mock_session.MockSession.get" class="py-name" href="#" onclick="return doclink('link-362', 'get', 'link-117');">get</a></tt><tt class="py-op">(</tt><tt id="link-363" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-363', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">,</tt> <tt class="py-name">None</tt><tt class="py-op">)</tt> </tt>
<a name="L420"></a><tt class="py-lineno">420</tt>  <tt class="py-line">             </tt>
<a name="L421"></a><tt class="py-lineno">421</tt>  <tt class="py-line">        <tt class="py-keyword">elif</tt> <tt id="link-364" class="py-name" targets="Variable esapi.reference.default_user.DefaultUser.account_id=esapi.reference.default_user.DefaultUser-class.html#account_id,Variable esapi.user.AnonymousUser.account_id=esapi.user.AnonymousUser-class.html#account_id,Variable esapi.user.User.account_id=esapi.user.User-class.html#account_id"><a title="esapi.reference.default_user.DefaultUser.account_id
esapi.user.AnonymousUser.account_id
esapi.user.User.account_id" class="py-name" href="#" onclick="return doclink('link-364', 'account_id', 'link-364');">account_id</a></tt> <tt class="py-keyword">is</tt> <tt class="py-keyword">not</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L422"></a><tt class="py-lineno">422</tt>  <tt class="py-line">            <tt class="py-comment"># This is a bad nieve search and should be changed according to your system.</tt> </tt>
<a name="L423"></a><tt class="py-lineno">423</tt>  <tt class="py-line">            <tt class="py-comment"># SQL can do this much better</tt> </tt>
<a name="L424"></a><tt class="py-lineno">424</tt>  <tt class="py-line">            <tt class="py-keyword">for</tt> <tt id="link-365" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-365', 'user', 'link-20');">user</a></tt> <tt class="py-keyword">in</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">.</tt><tt class="py-name">values</tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L425"></a><tt class="py-lineno">425</tt>  <tt class="py-line">                <tt class="py-keyword">if</tt> <tt id="link-366" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-366', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-367" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_id
esapi.user.AnonymousUser.account_id
esapi.user.User.account_id" class="py-name" href="#" onclick="return doclink('link-367', 'account_id', 'link-364');">account_id</a></tt> <tt class="py-op">==</tt> <tt id="link-368" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_id
esapi.user.AnonymousUser.account_id
esapi.user.User.account_id" class="py-name" href="#" onclick="return doclink('link-368', 'account_id', 'link-364');">account_id</a></tt><tt class="py-op">:</tt> </tt>
<a name="L426"></a><tt class="py-lineno">426</tt>  <tt class="py-line">                    <tt class="py-keyword">return</tt> <tt id="link-369" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-369', 'user', 'link-20');">user</a></tt> </tt>
<a name="L427"></a><tt class="py-lineno">427</tt>  <tt class="py-line">            <tt class="py-keyword">return</tt> <tt class="py-name">None</tt> </tt>
</div><a name="L428"></a><tt class="py-lineno">428</tt>  <tt class="py-line">     </tt>
<a name="ShelveAuthenticator.hash_password"></a><div id="ShelveAuthenticator.hash_password-def"><a name="L429"></a><tt class="py-lineno">429</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.hash_password-toggle" onclick="return toggle('ShelveAuthenticator.hash_password');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#hash_password">hash_password</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">password</tt><tt class="py-op">,</tt> <tt class="py-param">account_name</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.hash_password-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.hash_password-expanded"><a name="L430"></a><tt class="py-lineno">430</tt>  <tt class="py-line">        <tt class="py-name">salt</tt> <tt class="py-op">=</tt> <tt id="link-370" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-370', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">.</tt><tt class="py-name">lower</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L431"></a><tt class="py-lineno">431</tt>  <tt class="py-line">        <tt class="py-keyword">return</tt> <tt id="link-371" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-371', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-372" class="py-name"><a title="esapi.core.ESAPI.encryptor
esapi.encryptor" class="py-name" href="#" onclick="return doclink('link-372', 'encryptor', 'link-148');">encryptor</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-373" class="py-name"><a title="esapi.encryptor.Encryptor.hash
esapi.reference.default_encryptor.DefaultEncryptor.hash" class="py-name" href="#" onclick="return doclink('link-373', 'hash', 'link-199');">hash</a></tt><tt class="py-op">(</tt><tt class="py-name">password</tt><tt class="py-op">,</tt> <tt class="py-name">salt</tt><tt class="py-op">)</tt> </tt>
</div><a name="L432"></a><tt class="py-lineno">432</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.remove_user"></a><div id="ShelveAuthenticator.remove_user-def"><a name="L433"></a><tt class="py-lineno">433</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.remove_user-toggle" onclick="return toggle('ShelveAuthenticator.remove_user');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#remove_user">remove_user</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">account_name</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.remove_user-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.remove_user-expanded"><a name="L434"></a><tt class="py-lineno">434</tt>  <tt class="py-line">        <tt id="link-374" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-374', 'account_name', 'link-79');">account_name</a></tt> <tt class="py-op">=</tt> <tt id="link-375" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-375', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">.</tt><tt class="py-name">lower</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L435"></a><tt class="py-lineno">435</tt>  <tt class="py-line">        <tt id="link-376" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-376', 'user', 'link-20');">user</a></tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-377" class="py-name"><a title="esapi.authenticator.Authenticator.get_user
esapi.reference.shelve_authenticator.ShelveAuthenticator.get_user" class="py-name" href="#" onclick="return doclink('link-377', 'get_user', 'link-127');">get_user</a></tt><tt class="py-op">(</tt><tt id="link-378" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-378', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">)</tt> </tt>
<a name="L436"></a><tt class="py-lineno">436</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-379" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-379', 'user', 'link-20');">user</a></tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L437"></a><tt class="py-lineno">437</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-380" class="py-name"><a title="esapi.exceptions.AuthenticationAccountsException" class="py-name" href="#" onclick="return doclink('link-380', 'AuthenticationAccountsException', 'link-24');">AuthenticationAccountsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L438"></a><tt class="py-lineno">438</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Remove user failed"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L439"></a><tt class="py-lineno">439</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Can't remove invalid account_name: %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L440"></a><tt class="py-lineno">440</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-381" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-381', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L441"></a><tt class="py-lineno">441</tt>  <tt class="py-line">         </tt>
<a name="L442"></a><tt class="py-lineno">442</tt>  <tt class="py-line">        <tt class="py-keyword">del</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">[</tt><tt id="link-382" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-382', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">]</tt> </tt>
<a name="L443"></a><tt class="py-lineno">443</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-383" class="py-name"><a title="esapi.core.ESAPI.logger
esapi.logger" class="py-name" href="#" onclick="return doclink('link-383', 'logger', 'link-6');">logger</a></tt><tt class="py-op">.</tt><tt id="link-384" class="py-name"><a title="esapi.logger.Logger.info
esapi.reference.python_log_factory.PythonLogFactory.PythonLogger.info" class="py-name" href="#" onclick="return doclink('link-384', 'info', 'link-172');">info</a></tt><tt class="py-op">(</tt> <tt id="link-385" class="py-name"><a title="esapi.logger.Logger" class="py-name" href="#" onclick="return doclink('link-385', 'Logger', 'link-7');">Logger</a></tt><tt class="py-op">.</tt><tt id="link-386" class="py-name"><a title="esapi.logger.Logger.SECURITY_SUCCESS" class="py-name" href="#" onclick="return doclink('link-386', 'SECURITY_SUCCESS', 'link-123');">SECURITY_SUCCESS</a></tt><tt class="py-op">,</tt> </tt>
<a name="L444"></a><tt class="py-lineno">444</tt>  <tt class="py-line">            <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"User successfully removed: %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L445"></a><tt class="py-lineno">445</tt>  <tt class="py-line">            <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-387" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-387', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
<a name="L446"></a><tt class="py-lineno">446</tt>  <tt class="py-line">        <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">.</tt><tt class="py-name">sync</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
</div><a name="L447"></a><tt class="py-lineno">447</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.verify_account_name_strength"></a><div id="ShelveAuthenticator.verify_account_name_strength-def"><a name="L448"></a><tt class="py-lineno">448</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.verify_account_name_strength-toggle" onclick="return toggle('ShelveAuthenticator.verify_account_name_strength');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#verify_account_name_strength">verify_account_name_strength</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">account_name</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.verify_account_name_strength-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.verify_account_name_strength-expanded"><a name="L449"></a><tt class="py-lineno">449</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-388" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-388', 'account_name', 'link-79');">account_name</a></tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L450"></a><tt class="py-lineno">450</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-389" class="py-name"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-389', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L451"></a><tt class="py-lineno">451</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Invalid account name"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L452"></a><tt class="py-lineno">452</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Attempt to create account with a None account name"</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L453"></a><tt class="py-lineno">453</tt>  <tt class="py-line">                 </tt>
<a name="L454"></a><tt class="py-lineno">454</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-keyword">not</tt> <tt id="link-390" class="py-name"><a title="esapi.core.ESAPI" class="py-name" href="#" onclick="return doclink('link-390', 'ESAPI', 'link-2');">ESAPI</a></tt><tt class="py-op">.</tt><tt id="link-391" class="py-name" targets="Class Method esapi.core.ESAPI.validator()=esapi.core.ESAPI-class.html#validator,Module esapi.validator=esapi.validator-module.html"><a title="esapi.core.ESAPI.validator
esapi.validator" class="py-name" href="#" onclick="return doclink('link-391', 'validator', 'link-391');">validator</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">.</tt><tt id="link-392" class="py-name" targets="Method esapi.reference.default_validator.DefaultValidator.is_valid_input()=esapi.reference.default_validator.DefaultValidator-class.html#is_valid_input,Method esapi.validator.Validator.is_valid_input()=esapi.validator.Validator-class.html#is_valid_input"><a title="esapi.reference.default_validator.DefaultValidator.is_valid_input
esapi.validator.Validator.is_valid_input" class="py-name" href="#" onclick="return doclink('link-392', 'is_valid_input', 'link-392');">is_valid_input</a></tt><tt class="py-op">(</tt> </tt>
<a name="L455"></a><tt class="py-lineno">455</tt>  <tt class="py-line">            <tt class="py-string">"verifyaccountNameStrength"</tt><tt class="py-op">,</tt> </tt>
<a name="L456"></a><tt class="py-lineno">456</tt>  <tt class="py-line">            <tt id="link-393" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-393', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">,</tt> </tt>
<a name="L457"></a><tt class="py-lineno">457</tt>  <tt class="py-line">            <tt class="py-string">"AccountName"</tt><tt class="py-op">,</tt> </tt>
<a name="L458"></a><tt class="py-lineno">458</tt>  <tt class="py-line">            <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-394" class="py-name"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.MAX_ACCOUNT_NAME_LENGTH" class="py-name" href="#" onclick="return doclink('link-394', 'MAX_ACCOUNT_NAME_LENGTH', 'link-33');">MAX_ACCOUNT_NAME_LENGTH</a></tt><tt class="py-op">,</tt> </tt>
<a name="L459"></a><tt class="py-lineno">459</tt>  <tt class="py-line">            <tt class="py-name">False</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L460"></a><tt class="py-lineno">460</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-395" class="py-name"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-395', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L461"></a><tt class="py-lineno">461</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Invalid account name"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L462"></a><tt class="py-lineno">462</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"New account name is not valid: %(user)s"</tt><tt class="py-op">)</tt> <tt class="py-op">%</tt> </tt>
<a name="L463"></a><tt class="py-lineno">463</tt>  <tt class="py-line">                <tt class="py-op">{</tt><tt class="py-string">'user'</tt> <tt class="py-op">:</tt> <tt id="link-396" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-396', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">}</tt> <tt class="py-op">)</tt> </tt>
</div><a name="L464"></a><tt class="py-lineno">464</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.verify_password_strength"></a><div id="ShelveAuthenticator.verify_password_strength-def"><a name="L465"></a><tt class="py-lineno">465</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.verify_password_strength-toggle" onclick="return toggle('ShelveAuthenticator.verify_password_strength');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#verify_password_strength">verify_password_strength</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">new_password</tt><tt class="py-op">,</tt> <tt class="py-param">old_password</tt><tt class="py-op">=</tt><tt class="py-name">None</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.verify_password_strength-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.verify_password_strength-expanded"><a name="L466"></a><tt class="py-lineno">466</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">new_password</tt> <tt class="py-keyword">is</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L467"></a><tt class="py-lineno">467</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-397" class="py-name"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-397', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L468"></a><tt class="py-lineno">468</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Invalid password"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L469"></a><tt class="py-lineno">469</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"New password cannot be None"</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L470"></a><tt class="py-lineno">470</tt>  <tt class="py-line">                 </tt>
<a name="L471"></a><tt class="py-lineno">471</tt>  <tt class="py-line">        <tt class="py-comment"># Can't change to a password that contains any 3 character substring </tt> </tt>
<a name="L472"></a><tt class="py-lineno">472</tt>  <tt class="py-line">        <tt class="py-comment"># of old password</tt> </tt>
<a name="L473"></a><tt class="py-lineno">473</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">old_password</tt> <tt class="py-keyword">is</tt> <tt class="py-keyword">not</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L474"></a><tt class="py-lineno">474</tt>  <tt class="py-line">            <tt class="py-keyword">for</tt> <tt class="py-name">i</tt> <tt class="py-keyword">in</tt> <tt class="py-name">range</tt><tt class="py-op">(</tt> <tt class="py-number">0</tt><tt class="py-op">,</tt> <tt class="py-name">len</tt><tt class="py-op">(</tt><tt class="py-name">old_password</tt><tt class="py-op">)</tt> <tt class="py-op">-</tt> <tt class="py-number">2</tt> <tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L475"></a><tt class="py-lineno">475</tt>  <tt class="py-line">                <tt class="py-name">sub</tt> <tt class="py-op">=</tt> <tt class="py-name">old_password</tt><tt class="py-op">[</tt><tt class="py-name">i</tt><tt class="py-op">:</tt><tt class="py-name">i</tt><tt class="py-op">+</tt><tt class="py-number">3</tt><tt class="py-op">]</tt> </tt>
<a name="L476"></a><tt class="py-lineno">476</tt>  <tt class="py-line">                <tt class="py-keyword">if</tt> <tt class="py-name">sub</tt> <tt class="py-keyword">in</tt> <tt class="py-name">new_password</tt><tt class="py-op">:</tt> </tt>
<a name="L477"></a><tt class="py-lineno">477</tt>  <tt class="py-line">                    <tt class="py-keyword">raise</tt> <tt id="link-398" class="py-name"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-398', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L478"></a><tt class="py-lineno">478</tt>  <tt class="py-line">                        <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Invalid password"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L479"></a><tt class="py-lineno">479</tt>  <tt class="py-line">                        <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"New password cannot contain pieces of old password."</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
<a name="L480"></a><tt class="py-lineno">480</tt>  <tt class="py-line">                         </tt>
<a name="L481"></a><tt class="py-lineno">481</tt>  <tt class="py-line">        <tt class="py-comment"># new password must have enough character sets and length</tt> </tt>
<a name="L482"></a><tt class="py-lineno">482</tt>  <tt class="py-line">        <tt class="py-name">num_charsets</tt> <tt class="py-op">=</tt> <tt class="py-number">0</tt> </tt>
<a name="L483"></a><tt class="py-lineno">483</tt>  <tt class="py-line">        <tt class="py-name">charsets</tt> <tt class="py-op">=</tt> <tt class="py-op">[</tt><tt id="link-399" class="py-name"><a title="esapi.encoder.Encoder" class="py-name" href="#" onclick="return doclink('link-399', 'Encoder', 'link-15');">Encoder</a></tt><tt class="py-op">.</tt><tt id="link-400" class="py-name" targets="Variable esapi.encoder.Encoder.CHAR_PASSWORD_LOWERS=esapi.encoder.Encoder-class.html#CHAR_PASSWORD_LOWERS"><a title="esapi.encoder.Encoder.CHAR_PASSWORD_LOWERS" class="py-name" href="#" onclick="return doclink('link-400', 'CHAR_PASSWORD_LOWERS', 'link-400');">CHAR_PASSWORD_LOWERS</a></tt><tt class="py-op">,</tt>  </tt>
<a name="L484"></a><tt class="py-lineno">484</tt>  <tt class="py-line">                    <tt id="link-401" class="py-name"><a title="esapi.encoder.Encoder" class="py-name" href="#" onclick="return doclink('link-401', 'Encoder', 'link-15');">Encoder</a></tt><tt class="py-op">.</tt><tt id="link-402" class="py-name" targets="Variable esapi.encoder.Encoder.CHAR_PASSWORD_UPPERS=esapi.encoder.Encoder-class.html#CHAR_PASSWORD_UPPERS"><a title="esapi.encoder.Encoder.CHAR_PASSWORD_UPPERS" class="py-name" href="#" onclick="return doclink('link-402', 'CHAR_PASSWORD_UPPERS', 'link-402');">CHAR_PASSWORD_UPPERS</a></tt><tt class="py-op">,</tt> </tt>
<a name="L485"></a><tt class="py-lineno">485</tt>  <tt class="py-line">                    <tt id="link-403" class="py-name"><a title="esapi.encoder.Encoder" class="py-name" href="#" onclick="return doclink('link-403', 'Encoder', 'link-15');">Encoder</a></tt><tt class="py-op">.</tt><tt id="link-404" class="py-name" targets="Variable esapi.encoder.Encoder.CHAR_PASSWORD_DIGITS=esapi.encoder.Encoder-class.html#CHAR_PASSWORD_DIGITS"><a title="esapi.encoder.Encoder.CHAR_PASSWORD_DIGITS" class="py-name" href="#" onclick="return doclink('link-404', 'CHAR_PASSWORD_DIGITS', 'link-404');">CHAR_PASSWORD_DIGITS</a></tt><tt class="py-op">,</tt> </tt>
<a name="L486"></a><tt class="py-lineno">486</tt>  <tt class="py-line">                    <tt id="link-405" class="py-name"><a title="esapi.encoder.Encoder" class="py-name" href="#" onclick="return doclink('link-405', 'Encoder', 'link-15');">Encoder</a></tt><tt class="py-op">.</tt><tt id="link-406" class="py-name" targets="Variable esapi.encoder.Encoder.CHAR_PASSWORD_SPECIALS=esapi.encoder.Encoder-class.html#CHAR_PASSWORD_SPECIALS"><a title="esapi.encoder.Encoder.CHAR_PASSWORD_SPECIALS" class="py-name" href="#" onclick="return doclink('link-406', 'CHAR_PASSWORD_SPECIALS', 'link-406');">CHAR_PASSWORD_SPECIALS</a></tt><tt class="py-op">]</tt> </tt>
<a name="L487"></a><tt class="py-lineno">487</tt>  <tt class="py-line">        <tt class="py-keyword">for</tt> <tt class="py-name">charset</tt> <tt class="py-keyword">in</tt> <tt class="py-name">charsets</tt><tt class="py-op">:</tt> </tt>
<a name="L488"></a><tt class="py-lineno">488</tt>  <tt class="py-line">            <tt class="py-keyword">for</tt> <tt class="py-name">c</tt> <tt class="py-keyword">in</tt> <tt class="py-name">new_password</tt><tt class="py-op">:</tt> </tt>
<a name="L489"></a><tt class="py-lineno">489</tt>  <tt class="py-line">                <tt class="py-keyword">if</tt> <tt class="py-name">c</tt> <tt class="py-keyword">in</tt> <tt class="py-name">charset</tt><tt class="py-op">:</tt> </tt>
<a name="L490"></a><tt class="py-lineno">490</tt>  <tt class="py-line">                    <tt class="py-name">num_charsets</tt> <tt class="py-op">+=</tt> <tt class="py-number">1</tt> </tt>
<a name="L491"></a><tt class="py-lineno">491</tt>  <tt class="py-line">                    <tt class="py-keyword">break</tt> </tt>
<a name="L492"></a><tt class="py-lineno">492</tt>  <tt class="py-line">                     </tt>
<a name="L493"></a><tt class="py-lineno">493</tt>  <tt class="py-line">        <tt class="py-comment"># calculate strength = length * charsets</tt> </tt>
<a name="L494"></a><tt class="py-lineno">494</tt>  <tt class="py-line">        <tt class="py-name">strength</tt> <tt class="py-op">=</tt> <tt class="py-name">len</tt><tt class="py-op">(</tt><tt class="py-name">new_password</tt><tt class="py-op">)</tt> <tt class="py-op">*</tt> <tt class="py-name">num_charsets</tt> </tt>
<a name="L495"></a><tt class="py-lineno">495</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">strength</tt> <tt class="py-op">&lt;</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-407" class="py-name"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.MIN_PASSWORD_STRENGTH" class="py-name" href="#" onclick="return doclink('link-407', 'MIN_PASSWORD_STRENGTH', 'link-34');">MIN_PASSWORD_STRENGTH</a></tt><tt class="py-op">:</tt> </tt>
<a name="L496"></a><tt class="py-lineno">496</tt>  <tt class="py-line">            <tt class="py-keyword">raise</tt> <tt id="link-408" class="py-name"><a title="esapi.exceptions.AuthenticationCredentialsException" class="py-name" href="#" onclick="return doclink('link-408', 'AuthenticationCredentialsException', 'link-27');">AuthenticationCredentialsException</a></tt><tt class="py-op">(</tt> </tt>
<a name="L497"></a><tt class="py-lineno">497</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"Invalid password"</tt><tt class="py-op">)</tt><tt class="py-op">,</tt> </tt>
<a name="L498"></a><tt class="py-lineno">498</tt>  <tt class="py-line">                <tt class="py-name">_</tt><tt class="py-op">(</tt><tt class="py-string">"New password is not long or complex enough"</tt><tt class="py-op">)</tt> <tt class="py-op">)</tt> </tt>
</div><a name="L499"></a><tt class="py-lineno">499</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.exists"></a><div id="ShelveAuthenticator.exists-def"><a name="L500"></a><tt class="py-lineno">500</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.exists-toggle" onclick="return toggle('ShelveAuthenticator.exists');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#exists">exists</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">account_name</tt><tt class="py-op">=</tt><tt class="py-name">None</tt><tt class="py-op">,</tt> <tt class="py-param">account_id</tt><tt class="py-op">=</tt><tt class="py-name">None</tt><tt class="py-op">)</tt><tt class="py-op">:</tt>      </tt>
</div><a name="L501"></a><tt class="py-lineno">501</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt id="link-409" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-409', 'account_name', 'link-79');">account_name</a></tt> <tt class="py-keyword">is</tt> <tt class="py-keyword">not</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L502"></a><tt class="py-lineno">502</tt>  <tt class="py-line">            <tt id="link-410" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-410', 'account_name', 'link-79');">account_name</a></tt> <tt class="py-op">=</tt> <tt id="link-411" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-411', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">.</tt><tt class="py-name">lower</tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L503"></a><tt class="py-lineno">503</tt>  <tt class="py-line">            <tt class="py-keyword">return</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">.</tt><tt class="py-name">has_key</tt><tt class="py-op">(</tt><tt id="link-412" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-412', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">)</tt> </tt>
<a name="L504"></a><tt class="py-lineno">504</tt>  <tt class="py-line">             </tt>
<a name="L505"></a><tt class="py-lineno">505</tt>  <tt class="py-line">        <tt class="py-keyword">elif</tt> <tt id="link-413" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_id
esapi.user.AnonymousUser.account_id
esapi.user.User.account_id" class="py-name" href="#" onclick="return doclink('link-413', 'account_id', 'link-364');">account_id</a></tt> <tt class="py-keyword">is</tt> <tt class="py-keyword">not</tt> <tt class="py-name">None</tt><tt class="py-op">:</tt> </tt>
<a name="L506"></a><tt class="py-lineno">506</tt>  <tt class="py-line">            <tt class="py-comment"># This is a bad nieve search and should be changed according to your system.</tt> </tt>
<a name="L507"></a><tt class="py-lineno">507</tt>  <tt class="py-line">            <tt class="py-comment"># SQL can do this much better</tt> </tt>
<a name="L508"></a><tt class="py-lineno">508</tt>  <tt class="py-line">            <tt class="py-keyword">for</tt> <tt class="py-name">user_name</tt> <tt class="py-keyword">in</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">.</tt><tt class="py-name">keys</tt><tt class="py-op">(</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L509"></a><tt class="py-lineno">509</tt>  <tt class="py-line">                <tt id="link-414" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-414', 'user', 'link-20');">user</a></tt> <tt class="py-op">=</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">user_shelf</tt><tt class="py-op">[</tt><tt class="py-name">user_name</tt><tt class="py-op">]</tt> </tt>
<a name="L510"></a><tt class="py-lineno">510</tt>  <tt class="py-line">                <tt class="py-keyword">if</tt> <tt id="link-415" class="py-name"><a title="esapi.core.ESAPI.user
esapi.user" class="py-name" href="#" onclick="return doclink('link-415', 'user', 'link-20');">user</a></tt><tt class="py-op">.</tt><tt id="link-416" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_id
esapi.user.AnonymousUser.account_id
esapi.user.User.account_id" class="py-name" href="#" onclick="return doclink('link-416', 'account_id', 'link-364');">account_id</a></tt> <tt class="py-op">==</tt> <tt id="link-417" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_id
esapi.user.AnonymousUser.account_id
esapi.user.User.account_id" class="py-name" href="#" onclick="return doclink('link-417', 'account_id', 'link-364');">account_id</a></tt><tt class="py-op">:</tt> </tt>
<a name="L511"></a><tt class="py-lineno">511</tt>  <tt class="py-line">                    <tt class="py-keyword">return</tt> <tt class="py-name">True</tt> </tt>
<a name="L512"></a><tt class="py-lineno">512</tt>  <tt class="py-line">            <tt class="py-keyword">return</tt> <tt class="py-name">False</tt> </tt>
</div><a name="L513"></a><tt class="py-lineno">513</tt>  <tt class="py-line">         </tt>
<a name="ShelveAuthenticator.get_old_password_hashes"></a><div id="ShelveAuthenticator.get_old_password_hashes-def"><a name="L514"></a><tt class="py-lineno">514</tt> <a class="py-toggle" href="#" id="ShelveAuthenticator.get_old_password_hashes-toggle" onclick="return toggle('ShelveAuthenticator.get_old_password_hashes');">-</a><tt class="py-line">    <tt class="py-keyword">def</tt> <a class="py-def-name" href="esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#get_old_password_hashes">get_old_password_hashes</a><tt class="py-op">(</tt><tt class="py-param">self</tt><tt class="py-op">,</tt> <tt class="py-param">account_name</tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
</div><div id="ShelveAuthenticator.get_old_password_hashes-collapsed" style="display:none;" pad="+++" indent="++++++++"></div><div id="ShelveAuthenticator.get_old_password_hashes-expanded"><a name="L515"></a><tt class="py-lineno">515</tt>  <tt class="py-line">        <tt class="py-keyword">if</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt id="link-418" class="py-name" targets="Method esapi.authenticator.Authenticator.exists()=esapi.authenticator.Authenticator-class.html#exists,Method esapi.reference.shelve_authenticator.ShelveAuthenticator.exists()=esapi.reference.shelve_authenticator.ShelveAuthenticator-class.html#exists"><a title="esapi.authenticator.Authenticator.exists
esapi.reference.shelve_authenticator.ShelveAuthenticator.exists" class="py-name" href="#" onclick="return doclink('link-418', 'exists', 'link-418');">exists</a></tt><tt class="py-op">(</tt><tt id="link-419" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-419', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">)</tt><tt class="py-op">:</tt> </tt>
<a name="L516"></a><tt class="py-lineno">516</tt>  <tt class="py-line">            <tt class="py-keyword">return</tt> <tt class="py-name">self</tt><tt class="py-op">.</tt><tt class="py-name">cred_shelf</tt><tt class="py-op">[</tt><tt id="link-420" class="py-name"><a title="esapi.reference.default_user.DefaultUser.account_name
esapi.user.AnonymousUser.account_name
esapi.user.User.account_name" class="py-name" href="#" onclick="return doclink('link-420', 'account_name', 'link-79');">account_name</a></tt><tt class="py-op">]</tt><tt class="py-op">.</tt><tt id="link-421" class="py-name"><a title="esapi.reference.shelve_authenticator.ShelveAuthenticator.get_old_password_hashes
esapi.reference.user_credentials.UserCredentials.get_old_password_hashes" class="py-name" href="#" onclick="return doclink('link-421', 'get_old_password_hashes', 'link-341');">get_old_password_hashes</a></tt><tt class="py-op">(</tt><tt class="py-op">)</tt> </tt>
<a name="L517"></a><tt class="py-lineno">517</tt>  <tt class="py-line">        <tt class="py-keyword">else</tt><tt class="py-op">:</tt> </tt>
<a name="L518"></a><tt class="py-lineno">518</tt>  <tt class="py-line">            <tt class="py-keyword">return</tt> <tt class="py-op">[</tt><tt class="py-op">]</tt> </tt>
</div></div><a name="L519"></a><tt class="py-lineno">519</tt>  <tt class="py-line"> </tt><script type="text/javascript">
<!--
expandto(location.href);
// -->
</script>
</pre>
<br />
<!-- ==================== NAVIGATION BAR ==================== -->
<table class="navbar" border="0" width="100%" cellpadding="0"
       bgcolor="#a0c0ff" cellspacing="0">
  <tr valign="middle">
  <!-- Home link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="esapi-module.html">Home</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Tree link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="module-tree.html">Trees</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Index link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="identifier-index.html">Indices</a>&nbsp;&nbsp;&nbsp;</th>

  <!-- Help link -->
      <th>&nbsp;&nbsp;&nbsp;<a
        href="help.html">Help</a>&nbsp;&nbsp;&nbsp;</th>

      <th class="navbar" width="100%"></th>
  </tr>
</table>
<table border="0" cellpadding="0" cellspacing="0" width="100%%">
  <tr>
    <td align="left" class="footer">
    Generated by Epydoc 3.0.1 on Sun Nov  8 16:04:24 2009
    </td>
    <td align="right" class="footer">
      <a target="mainFrame" href="http://epydoc.sourceforge.net"
        >http://epydoc.sourceforge.net</a>
    </td>
  </tr>
</table>

<script type="text/javascript">
  <!--
  // Private objects are initially displayed (because if
  // javascript is turned off then we want them to be
  // visible); but by default, we want to hide them.  So hide
  // them unless we have a cookie that says to show them.
  checkCookie();
  // -->
</script>
</body>
</html>
